Sophos XG: How to config RED (Remote Ethernet Device)

Sophos Remote Ethernet Device (RED) is a small network appliance, designed to be as simple to deploy as possible. It main purpose is to provide a secure tunnel from its deployment location to a Sophos XG Firewall

There is no user interface on the RED appliance. It is designed to be fully configured and managed from a Sophos Firewall. RED devices can be shipped to a remote site, connected to any DHCP connection to the internet, and be fully configured by a remote administrator with no prior knowledge of the site, and no need to walk local personal through technical setup steps

This guide details how to setup Sophos RED in each of its operational modes,  and outlines common troubleshooting steps to resolve connection issues

Guide to configuring

  • Login to Sophos XG Firewall by admin account


  • In the Admin Console, Network -> Interfaces -> Click Add Interface -> Choose Add RED


  • If having this notification, it means RED configuration still not enable


  • To enable RED configuration, Systems Services -> RED -> enable RED Status and fill out all informations -> Click Save


  • Back to Network -> Interfaces -> Click Add Interface -> Choose Add RED -> Fill out all informations  -> Click Save


  • Create a Zone, Network -> Zones -> Click Add


  • Fill out information, Tick DNS and Ping/Ping6 in Network Services, Tick Web Proxy and User Portal in Other Services -> Click Save


  • Create Firewall Rule, import Rule Name and choose Source Zone is zone which is created before -> Tick NAT & Routing -> Rewrite source address (Masquerading) -> Click Save


Be the first to comment

Leave a Reply

Your email address will not be published.