Giving guest users access to Sonos on corporate AV LAN
Looking to get our guest and BYOD users access over wireless to the corporate AV VLAN.
Our guest and BYOD users are on SSIDs using NAT mode (Clients receive IP addresses in an isolated 10.0.0.0/8 network.) Our corporate AV VLAN contains our Sonos speakers. This is on a VLAN using a different IP scheme (172.X.X.X).
Within the firewall and traffic shaping rules for the SSIDs, what's the ideal way to allow those devices access? I've attached a screenshot of what it's at. I realize it is deny, but what would be the correct way to allow traffic from 10.0.0.0/8 to 172.X.X.X/24 for our Sonos to be reachable for employees to access?
We want to keep them from accessing anything but that AV VLAN.
The Sonos app relies on multicasts that are (by default) only casted onto the local subnet they're on. Opening up the firewall is not enough. You'll need to have some kind of proxy to copy over these multicasts between subnets. The bonjour forwarding functionality may be of help but I'm not sure. I really should take some time to experiment with this as I have Sonos at home but I haven't gotten around to it.