Firewall rules

  • June 20, 2025
  • 5 replies
  • 389 views

Hello Sonos fans,

I have some Sonos devices (Arc, Sub, 2x Era 300) connected to a “multimedia” VLAN that also groups my connected TV, a Nintendo console, a Bose speaker, etc. All these devices can access the Internet directly and can be reached from the Internet (music streaming...). They can see each other on this VLAN.
Laptops, smartphones and iPads are connected to another VLAN, “home”.
By default, inter-VLAN traffic is blocked.
Which ports should be opened between the home and multimedia VLANs for managing Sonos speakers from the home VLAN and in which direction (home to multimedia and multimedia to home)?
Additional information: my network is managed with a Ubiquiti UDM SE.

Thank you in advance for your help.

5 replies

Pools-3015
  • Prodigy I
  • June 20, 2025

This is a question that should be asked in the Ubiquiti community. I feel you will get better answers there than here.

106rallye
  • June 20, 2025

Sonos does not seem to specify this….

https://support.sonos.com/article/using-sonos-with-a-managed-switch

Since you mention Unifi, would this help? https://github.com/IngmarStein/unifi-sonos-doc


  • Prodigy II
  • June 20, 2025

@ber0604 Here’s an answer that may or may not be accurate… It’s AI but it looks like it makes sense. Please do say whether or not this helps as AI is not a great resource just yet!:

 

To control your Sonos system from the “home” VLAN, you’ll need to allow certain ports and multicast traffic from home → multimedia.

At minimum, allow:

  • UDP 5353 (mDNS)
  • UDP 1900 (SSDP)
  • TCP 1400, 1443, 3400
  • UDP 6969, 10293, 10294

Also, make sure multicast traffic (especially mDNS and SSDP) can cross VLANs — enabling the mDNS repeater on your UDM SE will help with this.

You generally don’t need to allow traffic from multimedia → home, unless you hit a specific issue.
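
As an added illustration (not part of any reply in this thread, and not Sonos or Ubiquiti code), the Python model below shows how a default-deny inter-VLAN policy with connection tracking treats the rule set described above: replies to flows opened from home are accepted without a multimedia → home rule, and multicast discovery is not routed by port rules at all. The port list is copied from the reply, whose poster flags it as unverified; the class name, verdict strings and IP addresses are constructed for the example.

```python
import ipaddress

# Ports exactly as listed in the reply above (that poster flags the list as unverified).
ALLOW_HOME_TO_MEDIA = {"udp": {5353, 1900, 6969, 10293, 10294},
                       "tcp": {1400, 1443, 3400}}

class InterVlanFirewall:
    """Hypothetical model: default-deny routing between VLANs with connection tracking."""

    def __init__(self, allow):
        self.allow = allow
        self.flows = set()  # (proto, initiator, responder) for each accepted new flow

    def verdict(self, src_vlan, dst_vlan, proto, src, dst):
        # src and dst are (ip, port) tuples.
        if ipaddress.ip_address(dst[0]).is_multicast:
            # Unicast port rules do not carry multicast across VLANs;
            # mDNS/SSDP discovery depends on a repeater or relay instead.
            return "not-routed"
        if (proto, dst, src) in self.flows:
            return "accept-established"  # reply to a flow that home opened
        allowed_port = dst[1] in self.allow.get(proto, ())
        if (src_vlan, dst_vlan) == ("home", "multimedia") and allowed_port:
            self.flows.add((proto, src, dst))
            return "accept-new"
        return "drop"

def demo():
    fw = InterVlanFirewall(ALLOW_HOME_TO_MEDIA)
    # Constructed addresses: a phone on "home" and a speaker on "multimedia".
    phone, speaker = ("10.0.10.20", 51000), ("10.0.20.30", 1400)
    return [
        fw.verdict("home", "multimedia", "tcp", phone, speaker),      # control connection
        fw.verdict("multimedia", "home", "tcp", speaker, phone),      # its reply
        fw.verdict("multimedia", "home", "tcp",
                   ("10.0.20.30", 40000), ("10.0.10.20", 445)),       # speaker-initiated
        fw.verdict("home", "multimedia", "tcp",
                   phone, ("10.0.20.30", 22)),                        # port not on the list
        fw.verdict("home", "multimedia", "udp",
                   ("10.0.10.20", 5353), ("224.0.0.251", 5353)),      # mDNS multicast
    ]

if __name__ == "__main__":
    for v in demo():
        print(v)
```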


Pools-3015
  • Prodigy I
  • June 20, 2025

Sonos does not seem to specify this….

https://support.sonos.com/article/using-sonos-with-a-managed-switch

Since you mention Unifi, would this help? https://github.com/IngmarStein/unifi-sonos-doc

Enabling mDNS and IGMP snooping will help, but as far as access rights, those links don’t explain how it’s done.

This is a video that can help with the explanation:

 


controlav
  • Lead Maestro
  • June 22, 2025

Just move the devices you want to run the apps onto the same VLAN as your Sonos gear - they are much more of a security risk than your Sonos devices anyway.