Skip to content

Troubleshoot RED issues

Troubleshoot issues in your RED setup.

You're unable to connect to the RED provisioning server.


Check whether you can reach the RED service through telnet.

On the command line, type as follows:

telnet 3400

If the result shows Connected to, a high network load may be preventing you from registering with the provisioning server. Try registering later.

Inactive RED access points

After RED access points in a VLAN restart, Sophos Firewall shows them as Inactive.


You can configure SD-RED 20, SD-RED 60, and RED 15w as access points. If a RED access point is in a VLAN, and you restart it, Sophos Firewall may show it as Inactive. After 30 retries, the RED gets a LAN IP address from the DHCP server. The RED access point now shows as Active again.


DHCP option 234 isn't configured for the VLAN interface of the RED. After the RED restarts, it doesn't get an IP address on its VLAN interface.


  1. Click Console in the list in the upper-right corner and type 4 for Device Console.
  2. Attach the DHCP option as follows:

    system dhcp dhcp-options binding add dhcpname <dhcp server name> optionname dhcp_magic_ip(234) value <interface ip address>

    Replace <dhcp server name> with your DHCP server's name in the RED access point VLAN. Replace <interface IP address> with the IP address you configured for the RED access point interface connected to the VLAN.

    Within a short time, the RED access point receives an IP address on the VLAN interface.

  3. To check your settings, use the following command:

    system dhcp dhcp-options binding show dhcpname <dhcp server name>

    Replace <dhcp server name> with your DHCP server's name in the RED access point VLAN.