According to the documentation, Box service account for integration with Splunk requires an "OAuth 2.0 Redirect URI" to be directed at Splunk Server instance. This implies that the organization's external firewall needs to be permitting port 8000 inbound to Splunk server.
Is that a hard requirement? Will the add-on will not work if the firewall is not permitting inbound port 8000?
This Redirect URL will use to redirect the control to your Splunk instance. Can you please configure your Splunk instance URL in BOX Side configuration and try to set-up. I think box will authenticate from which instance auth request has done. So it should work. Make sure you have enabled SSL for Splunk web.