
Hi guys, I have 2 VLANs: 1 for my IoT devices, which the Sonos products are on, and 1 for my personal devices like phone, laptops, tablets. My current firewall is set up so that any traffic from the IoT VLAN to the personal VLAN will be dropped. I also enabled multicast DNS in my network settings.

Originally my iPhone was able to cast to the Sonos speakers via Spotify. However, the Sonos S2 app was not able to find my Sonos system. I created a firewall rule “source: Sonos device IPs → destination: any device on port 1400, 3400, 3401, 3500, 1900, 1901”. I found those ports on this page: Configure your firewall to work with Sonos. After I created the rule, my iPhone was able to find my system.

When I try to use the MacOS S2 app found here on my personal network, it can’t find the Sonos devices.

Question

Do the desktop / MacOS apps need additional ports configured in the firewall for them to work with Sonos systems in a different VLAN?

My Setup Just In Case

Network Hardware

Unifi Dream Machine Pro

24 port switch (connected to udm pro)

5 port switch (connected to 24 port switch)

Sonos Devices

Sonos Amp - wired / wifi disabled / connected to 24 port switch

Sonos Amp - wired / wifi disabled / connected to 24 port switch

Sonos Port - wired / wifi disabled / connected to 24 port switch

Sonos Arc - wired / wifi disabled / connected to 5 port switch

Sonos Sub - wired / wifi disabled / connected to 5 port switch

Firewall Rules

  1. Allow Established or Related Connections
  2. Allow Personal LAN to any network
    1. source: personal lan
    2. destination: anywhere
  3. Allow Sonos App Control
    1. source: sonos devices, any port
    2. destination: any device, ports: 1400, 3400, 3401, 3500, 1900, 1901
  4. Block Inter-Lan traffic
    1. source: RFC1918 ip addresses: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, any port
    2. destination: RFC1918 ip addresses: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, any port

Everyone can ignore this post. I found out that the UDM Pro doesn’t relay SSDP across VLANs, which is what Sonos is using.