Hi all,



I am designing the LAN for a company. The whole network is separated into VLANs, for security reasons. The SONOS system is deployed on the same LAN as the WiFi connection of the office, which means every mobile connected to the WiFi is able to control the SONOS. Now, I have a computer which is in another VLAN that would need to control the SONOS.

From a network point of view, everything is set up. I can ping every speaker from that computer, the routes have been set up. So, basically, I should be able to be connected to this SONOS System, but it looks like the automatic detection doesn't see the speakers. It would be nice if I could specify on which network I can reach the SONOS.



How could I make this work?

Thank you so much in advance for your help,

Louis
The automatic detection relies on the controller being able to receive the broadcast/multicast traffic that Sonos devices send out. Since you're working with two different subnets, you'll need something to translate that traffic between the two subnets.



Some people have used a process called IGMP Proxy to make it work... one enterprising individual here actually needed IGMP Proxy for something else (IPTV through his service provider, IIRC), so he wrote a Python script for Linux to translate the specific broadcast traffic between the network his Sonos is on and the network his controllers are on.
I'm impressed someone could write that script but it seems unlikely the average Joe is gonna be able to do that. Points to what I think is a Sonos weakness, too complicated and requires skills of the network engineer to get around. My opinion may indicate more about me than the product.
Oh, this is definitely not a "normal" setup for the average user. But as the OP mentioned, this is for a business, and businesses often have multiple networks for various uses.
I did this setup a long time ago, you might find some useful info in that post: https://en.community.sonos.com/troubleshooting-228999/multiple-subnets-vlans-and-sonos-workable-clavister-solution-30950



Since then it seems that the players use a combination of multicast and broadcast to find the system, meaning you might get away with only allowing broadcast through the VLANs (255.255.255.255 UDP 1900) instead of the multicast. Depending on which firewall/router you are using, there might be functionality to allow this. Other options include having dedicated servers to forward the discovery traffic (either dual NIC or two separate machines) but I would avoid that if possible for simplicity and security.
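
A diagnostic for the discovery traffic discussed in this thread, added here as an example and not posted by any participant: run from the controller's VLAN, it sends one SSDP search to the multicast group and one to the limited broadcast address on UDP 1900 and lists which devices answer each, so you can see which path your router or firewall actually passes before opening anything wider. The Sonos search target string and the function names are assumptions, not taken from the thread.

```python
import socket

SSDP_PORT = 1900
SSDP_MCAST = "239.255.255.250"   # standard SSDP multicast group
BROADCAST = "255.255.255.255"    # limited broadcast named in the last reply
# Search target commonly advertised by Sonos players (assumption)
SONOS_ST = "urn:schemas-upnp-org:device:ZonePlayer:1"

def build_msearch(st=SONOS_ST, mx=1):
    """Build the SSDP M-SEARCH datagram a controller sends to find devices."""
    lines = ["M-SEARCH * HTTP/1.1", f"HOST: {SSDP_MCAST}:{SSDP_PORT}",
             'MAN: "ssdp:discover"', f"MX: {mx}", f"ST: {st}", "", ""]
    return "\r\n".join(lines).encode("ascii")

def parse_response(data):
    """Return headers (upper-cased keys) of a 200 OK SSDP reply, else None."""
    head, *rest = data.decode("utf-8", errors="replace").split("\r\n")
    parts = head.split()
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or parts[1] != "200":
        return None
    headers = {}
    for line in rest:
        if ":" in line:
            key, value = line.split(":", 1)
            headers[key.strip().upper()] = value.strip()
    return headers

def probe(dest, timeout=2.0):
    """Send one M-SEARCH to dest and return {responder_ip: LOCATION}."""
    found = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.settimeout(timeout)
        s.sendto(build_msearch(), (dest, SSDP_PORT))
        try:
            while True:                      # collect replies until timeout
                data, (ip, _port) = s.recvfrom(4096)
                headers = parse_response(data)
                if headers:
                    found[ip] = headers.get("LOCATION", "")
        except socket.timeout:
            pass
    return found

if __name__ == "__main__":
    for dest in (SSDP_MCAST, BROADCAST):
        try:
            print(dest, "->", probe(dest) or "no replies")
        except OSError as exc:               # e.g. no route for this destination
            print(dest, "-> send failed:", exc)
```

Replies on one path but not the other tell you which of the two allowances (multicast forwarding or a UDP 1900 broadcast relay) the inter-VLAN rule set still lacks.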