RED
A Remote Ethernet Device is a network appliance that provides a secure tunnel between a remote site and the firewall. The RED provisioning service supports RED deployment and provides security options.
- To turn on the RED provisioning service, click the on/off switch, specify details, and click Apply.
- To force REDs to use only TLS 1.2, enable Force TLS 1.2 and click Apply. TLS 1.2 is recommended for enhanced
security. Note For devices to support TLS 1.2, a firmware upgrade may be necessary. Check your device specifications before enabling this option.
- To automatically deauthorize REDs after they have been disconnected, enable Automatic device deauthorization, specify a time, and click
Apply. When a RED attempts to
reconnect after being deauthorized, it will be disabled. This option is recommended to prevent
unauthorized devices from connecting to the firewall. Note This option does not apply to firewall REDs.
- RED unified firmware offers the latest features. Some RED devices (example: RED 50) support both
legacy firmware and unified firmware. To make sure such devices only use unified firmware, select
RED unified firmware.
To update the RED firmware, go to , and install the RED firmware. RED firmware updates aren't installed automatically. This allows you to schedule downtime.
Note RED unified firmware is selected by default. If you've migrated XG Firewall to a different version, your existing RED setting is migrated. However, if you reset XG Firewall to factory configuration, RED unified firmware is selected.
Troubleshooting
If you receive the message “Registering with RED service failed”, check if you can reach the RED service through telnet. Type the following on the command line:
telnet red.astaro.com 3400If you can reach the service, the connection error may be due to high network load. In this case, try connecting again later.