Sonos & Windows 10 Firewall

Recently I had been having issues with my Sonos controller talking to my local music library. Both of them are installed on the same machine, which is in VLAN 1, whereas my speakers are on VLAN 2. I was receiving errors such as Error 1002, unable to connect to...., Can't find media etc.

I narrowed the issue down to Windows firewall blocking something even though I had already created "Allow" rules.

Turning off Windows Firewall fixed the issue and my Sonos speakers could stream my local media library. However, I'm not happy turning off a firewall, so I started digging deeper.

I checked each individual firewall rule which had automatically been created when installing and running the Sonos controller on the PC.

Bingo - I found under the Scope option that the Sonos Library and Sonos Controller firewall rules had an exemption that would only allow connections from devices on a local subnet, blocking anything from a remote IP/subnet. Allowing all remote IPs or remote subnets fixed the issue, but rather than leaving it open like this, I defined my 'remote subnet' of VLAN 2 in the list. This fixed my issue but also kept my firewall rule relevant.

To add further security I changed the "remote IP / Subnet address" from my VLAN 2 subnet to just the IP addresses of my Sonos speakers on VLAN 2. Now the only devices able to access my Sonos local library are the Sonos speakers.
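The same scope check and restriction can be done from an elevated PowerShell prompt with the built-in NetSecurity cmdlets. This is an added example, not part of the original post; the `*Sonos*` display-name match and the speaker addresses are assumptions (constructed placeholders), so adjust both to your own rules and VLAN.

```powershell
# Run from an elevated PowerShell session on the Windows 10 machine.
# Assumption: the rules created by the Sonos installer have "Sonos" in their display name.
# Assumption: these are constructed placeholder addresses for the speakers on VLAN 2.
$speakerIps = @('192.168.2.21', '192.168.2.22')

# Collect the inbound allow rules that belong to the Sonos controller / library.
$rules = Get-NetFirewallRule -DisplayName '*Sonos*' -ErrorAction SilentlyContinue |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' }

if (-not $rules) {
    Write-Warning 'No inbound allow rules matched *Sonos*; check the rule names in wf.msc.'
    return
}

# Helper: report each rule with its current remote-address scope.
function Get-RuleScope {
    param($Rule)
    foreach ($r in $Rule) {
        $filter = $r | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $r.DisplayName
            Enabled       = $r.Enabled
            Profile       = $r.Profile
            RemoteAddress = ($filter.RemoteAddress -join ', ')
        }
    }
}

# 1. Audit: 'LocalSubnet' explains why speakers on another VLAN are dropped;
#    'Any' means the rule is open to every remote address.
Get-RuleScope -Rule $rules | Format-Table -AutoSize

# 2. Preview the change first, then apply it: only the speaker IPs may connect.
$rules | Set-NetFirewallRule -RemoteAddress $speakerIps -WhatIf
$rules | Set-NetFirewallRule -RemoteAddress $speakerIps

# 3. Verify, and flag anything that is still scoped to every remote address.
$after = Get-RuleScope -Rule (Get-NetFirewallRule -DisplayName '*Sonos*' |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' })
$after | Format-Table -AutoSize
$after | Where-Object { $_.RemoteAddress -eq 'Any' } |
    ForEach-Object { Write-Warning "Rule '$($_.Rule)' still allows any remote address." }
```

If the speakers get their addresses from DHCP, reserve them on the router first, otherwise the rule stops matching when a lease changes.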

Cloudflare and DNS-O-Matic

Following on from the Cloudflare with Emby post.

If your ISP issues you with a DHCP WAN IP then you need something to update Cloudflare with your WAN IP when it changes.

The simplest way to do this is with DNS-O-Matic. Unlike many other DDNS services, DNS-O-Matic works as a middleman for many DDNS and other services.

  1. Head over to DNS-O-Matic and create an account.
  2. Add a service and choose Cloudflare from the list.
  3. Add the following details into the boxes:
     - email = your Cloudflare username (usually the email address)
     - API Token = on the Overview page on Cloudflare, use the Global API token
     - Hostname = your A record name from Cloudflare, for example ddns.mymedia.cf
     - Domain = your top-level domain, mymedia.cf
  4. We now need to set up a way for our router to update DNS-O-Matic. I use a Unifi USG as my router and it requires the following details:
     - Service = dyndns
     - Hostname = ddns.mymedia.cf
     - username = DNS-O-Matic email address
     - password = DNS-O-Matic password
     - server = updates.dnsomatic.com

DNS-O-Matic also offers a small program which can run on your LAN and update the details automatically.