I've got a bunch of Sonos equipment in my house, and just added some WiFi only Moves.

I also have a secure and IOT wifi networks; all of the Sonos and other junk connect to the IOT side of things.

The trouble I was seeing was I could play to the house except for the moves, or I could play to one Move - at a time. If I started the music streaming on a Move, I couldn't add the other, and if I started in the house, I couldn't add the Move. It just wouldn't play. It would appear to be part of the group, but no noise would come out.

In talking to Sonos support, they had me adjust the rule (boxed in red) at the bottom of the screen shot - allow any any to the local lan. and that fixes things. But it kind of defeats the purpose of a separate IOT network, doesn't it?

So I went searching for the ports that the Sonos products use, and that resulted in the rules (boxed in green) to see if things would work. When I disabled the red rule, problem returned; nothing in the green boxes fixes anything (I first tried destination 192.168.128.0/24 before trying Any) makes it work. 

Is there any rule I can insert that will give me peace of mind and let me still play all the Sonos devices together?