A changelog won’t cover use in unsupported configurations.

That said, try opening TCP 1443 inbound, in addition to the standard 1400.

TCP 1443 is already open. 

For me, it is a big, sad excuse from SONOS: Offering WLAN speakers and not supporting LAN/WLAN technologies that are just up to date and reasonable from a security aspect. I'm not asking SONOS how to setup/configure my network devices, this is my job. But I'm asking which ports and protocols are needed for communication between the controller apps and the endpoints. I can even understand when SONOS is fearing latency jitter in cross-vlan operations so the multiroom experience might be affected from it. However, it's the customer that has to decide the pros and cons of easyness and comfort versus security. If SONOS makes a notice not beeing responsible for impacts of VLAN usage, everything is just fine. 

Hopefully SONOS is rethinking their policy in terms of network related information since the communities senses for security and LAN settings is getting stronger and stronger.  

Hi,

Adding 

UDP: 43674, 43761, 43418

TCP : 3501

to the existing ones listed here. got it working for me

(have not tested if removing the others breaks it yet )

Didn’t help to solve my problems However, thanks anyway!

Yes the UDP ports are probably from a much bigger range, those just happend to be the ones I could see my firewall dropping when I was getting the new app to discover my existing Sonos set-up

I am not even trying to do anything that fancy.   Just one vlan.  Once I upgraded to S2, all devices disappeared from the app.  Now i can't even get them reinstalled after factory reset.   All of this worked before s2 upgrade.  Clearly the s2 app communicates differently with the speakers.   I can get the speakers on the wifi network,  no problem.   I can ping,  i can connect to the secret menus,  etc.  The S2 app just can't see them.   BTW, i am using an Aruba IAP225 for wifi connectivity. 

All of this is a shame.   I am moving into a new house next month and had plans to outfit the whole place with tons of Sonos.   Now I am beginning to wonder id I should go with another brand....

ive had sonos running on a separate vlan for some time now. 

I have always had a problem that when I install new speakers, the device im using to add the speakers needs to be on the same subnet as the speakers. Once the speaker is added, I can go back to my other vlan, and the device is there, and everything works. 

Have you tried connecting your device to the lan your speakers are on just to add them to the new s2 app, and then when working, move the device back to your original vlan

Not sure about the OP, but for me, yes, I am aware that the controller/S2 app need to be on the same vlan for setup.   My particular problem is specific to S2 and my Aruba AP's I am thinking now.   After more  testing,  I am finding,  if I connect my OneSL and my phone to my ISP's built in router wifi, I can set things up,  starting from factory reset,  in 5 minutes with no issues.  Try the same process when connecting to my Aruba AP, and the S2 app can never seem to see the OneSL, even though the OneSL does join the wifi network and its pingable.  I guess if is still possible my firewall is causing problems,  but it seems more likely it is something to do with my Aruba AP's interaction with the new S2 app.  More testing and troubleshooting this weekend.   I will report back. 

Came across this today, and after a poor call with our friends at support I did some wireshark playing around. 

Adding UDP ports 32412-32414 allowed me control again of my products that live on a VLAN.

Here is the list of all traffic allowed for posterity:

TCP 80, 443, 445, 3445, 3400-3401, 3500, 444

UDP 136-139, 1900-1901, 6969, 32412-32414

I did also find a lot of traffic on TCP 1400 and 1443 but did not find them necessary for operation. 

I did not see any traffic on UDP 32413 (but there was on 32412 and 32414 so I opened the range)