Recently I had been having issues with my Sonos controller talking to my Local music library. Both of them installed on the same machine which is in VLAN 1, where as my speakers are on VLAN 2. I was receiving errors such as Error 1002, unable to connect to...., Cant find media etc.
I narrowed the issue down to Windows firewall blocking something even though I had already created "Allow" rules.
Turning off Windows Firewall fixed the issue and my Sonos Speakers could stream my local media library. However I'm not happy turning off a firewall, so started digging deeper.
I checked each individual Firewall which had automatically been created when installing and running the Sonos controller on the PC.
Bingo - I found under the Scope option that the Sonos Library and Sonos Controller firewall rule had an exemption that would only allow connections from devices on a local subnet and blocking anything from a remote IP /Subnet. Allowing all remote IP's or remote subnets fixed the issue but rather than leaving it open like this, I defined my 'remote subnet' of VLAN 2 in the list. This fixed my issue but also kept my firewall rule relevant.
To add further security I changed the "remote IP / Subnet address" from my VLAN 2 subnet to just the IP addresses of my Sonos Speakers on VLAN 2. Now the only devices able to access my Sonos local library are the Sonos Speakers.