I have dug around for some time now and the common mantra still seems to be that roon does not support different subnets (VLANs) in any way. However, the most interesting threads I found are 2+ years old, so I decided to start a new one.
We have a roon core running on Linux in a VM on vSphere 6.7. roon and some audio devices are in a private network. We also have a public network, including a Sonos Connect playing music in a public area (kind of). Both can access files on the same SMB share, routing is done by Sophos SG.
Now I would like roon to have the ability to use Sonos as an output device, but someone who has access to the public network should not have access to roon core and must not have access to the private network.
Options I thought about:
1. putting all audio devices, roon and Sonos Connect in a completely new network
2. bridging both networks
3. assigning a 2nd NIC to the roon VM
4. port forwarding all relevant Sonos ports to the private network
Obviously, since neither roon core nor Sonos offers something like user logins, option #1 would give control over roon to anyone who has access to the new network. Option #2 would even give access to the whole network.
Option #3: I’m very unsure about how roon core would handle a 2nd NIC appearing in the Linux OS. Would all services just work in both networks? This seemed to work for some users here with roon ROCK. Does someone here have a clue about this?
Option #4 seems to be impossible. I have never bridged networks before and forwarding broadcast packets is prohibited by Sophos SG, but it seems like I need to.
So if there is anybody out there who can provide experience on #3 or #4, please share your work.
Okay so you did give your roon core 2 network interfaces, right? How did you manage to spread split services? Simply with firewall/port blocking or is there a config file for roon core somewhere?
Okay, if I understand correctly, this will mean I have to put roon core and Sonos into the same IP subnet (that’s not the case right now). Then block traffic between devices on packet level in the switch or router, which will require a port list. I found some ports mentioned in this forum but it’s not clear which port is for what.
Also, my Sonos (roon endpoint) will be in the public part of the net, roon core and remote will be private.