RED interfaces

A Remote Ethernet Device (RED) provides a secure tunnel between a remote site and XG Firewall.

REDs connect remote branch offices to your main offices as if the branch office is part of your local network. Using RED interfaces, you can configure and install RED appliances or create a site-to-site RED tunnel between two XG Firewall devices in a client-server configuration.

You can configure RED tunnels using the following options:

  • RED appliance: You can establish a tunnel between XG Firewall in the head office and a RED appliance (example: SD-RED) at the remote office. To configure RED appliances, you configure a RED interface on XG Firewall, and install the provisioning file on the RED appliance.
  • Firewall RED device: You can create a site-to-site RED tunnel between two XG Firewall devices in a client-server configuration. Firewall RED devices are XG Firewall devices that communicate using the RED tunnel. You can use Firewall RED device types as follows:

    Firewall RED server or client: Select this if you're connecting XG Firewall to a UTM using 9.700 or later.

    Firewall RED server or client (legacy): Select this if you're connecting XG Firewall to a UTM using versions earlier than 9.700.

How to configure a remote RED appliance

You can connect RED appliances, such as SD-RED, installed in the remote office to XG Firewall installed in the main office.

  1. Go to System services > RED. Turn on RED service, and register XG Firewall with the RED provisioning server. This is a one-time action.
  2. Configure the RED interface on your XG Firewall. See Add a RED interface.
  3. Connect the RED appliance to the internet at the remote site.

How to configure Firewall RED devices

You can connect XG Firewall devices in the head office and remote office using a site-to-site RED tunnel.

  1. Go to System services > RED. Turn on RED service, and register XG Firewall with the RED provisioning server. This is a one-time action.
  2. Configure firewall 1 as the Firewall RED Server. See Add a RED interface.
  3. Go to Network > Interfaces. Download the provisioning file for firewall 1.
  4. Configure firewall 2 as the Firewall RED Client. Upload the provisioning file.