log should show you which firewall policy and rules blocked it.
So you can make temporary policy ABOVE that blocking one (R-click -> Insert empty - Above).
And that new one might have their source IPs and accept their connections.
But shouldn't they test also ability to pass through your firewall? This also looks like social-engineering test to highlight how willing you are to bend the rules if someone asks for it?
Tom xSilver, planet Earth, over and out!