I have a Sonos system that consists of two Play:5 (Gen 2) speakers, two One (Gen 2) speakers, and five One (Gen 1) speakers.

The two Play:5 speakers are in a stereo pair and are connected to an Ethernet port in my wall that runs to a UniFi switch.

The Sonos system is on a VLAN that is separated from other VLANs in my network via firewall rules.  The devices (phones and laptops) that run the Sonos apps are on their own VLAN.

I’ve noticed that my UniFi network logs are full of entries (just about every minute) saying that one of the Sonos speakers was blocked by a firewall rule from accessing the PC that runs my Plex server.  Every Sonos speaker appears to be doing this.

I’ve allowed all of the ports listed on https://support.sonos.com/en-us/article/configure-your-firewall-to-work-with-sonos through my firewall rules, except for the Windows Media Sharing UDP ports, as I’m not doing any Windows media sharing.

The port on the PC that Sonos is trying to access is always the same (53957) but the port that the given Sonos speaker is using always varies, though they always appear to be in the 60000 range.

Does anyone know what these ports are for and what Sonos is doing trying to access them?  Do I need to allow 53957 or the 60000 range through the firewall from the Sonos VLAN to the Plex server PC?