Branch name: Enter a name for the branch where the RED appliance is located, e.g. "Office Munich".
Client type: Select RED 10 or RED 50 from the drop-down list, depending on the type of RED appliance you want to connect.
RED ID: Enter the ID of the RED appliance you are configuring. This ID can be found on the back of the RED appliance and on its packaging.
Tunnel ID: By default, Automatic is selected. Tunnels will be numbered consecutively. If you have conflicting IDs, select another ID from the drop-down list.
Unlock Code (optional): During the first deployment of a RED appliance, an unlock code is generated, a security feature, which ensures that a RED appliance cannot simply be removed and installed elsewhere. If the RED appliance you are configuring has been deployed before, you need to provide its unlock code. (If you do not have the unlock code, the only way to unlock the RED appliance is to contact Sophos Support.)
UTM hostname: You need to enter a public IP address or hostname where the UTM is accessible.
2nd UTM hostname: You can enter another public IP address or hostname of the same UTM. Note that you cannot enter the IP or hostname of a different UTM.
Use 2nd hostname for: You can configure what the second hostname should be used for:
Failover: Select this option to only use the second hostname if the first hostname fails.
Balancing: Select this option to activate active load balancing between both hostnames. Use this feature when the external interfaces that the 1st and 2nd hostnames refer to, have the same latency and throughput.
Uplink mode/2nd Uplink mode: You can define how the RED appliance receives an IP address, which can be either via DHCP or by directly assigning a static IP address. You define the uplink mode for each RED uplink Ethernet port separately.
DHCP client: The RED pulls an IP address from a DHCP server.
Static address: Enter an IPv4 address, a corresponding netmask, a default gateway and a DNS server.
Note – There is no one-to-one association between UTM hostname and RED uplink Ethernet port. Each RED port will try to connect to each defined UTM hostname.
Use 2nd uplink for: You can configure what the second uplink should be used for:
Failover: Select to only use the second uplink in case the first uplink fails.
Balancing: Select to activate active load balancing between both hostnames. Use this feature when the external interfaces that the 1st and 2nd hostnames refer to, have the same latency and throughput.
Operation mode: You can define how the remote network will be integrated into your local network.
Standard/Unified: The UTM completely controls the network traffic of the remote network. Additionally, it serves as DHCP server and as default gateway. All remote network traffic will be routed through the UTM.
Standard/Split: The UTM completely controls the network traffic of the remote network. Additionally, it serves as DHCP server and as default gateway. In contrast to the Unified mode, only certain traffic will be routed through the UTM. Define local networks in the Split Networks box below which can be accessed by remote clients.
Transparent/Split: The UTM does not control the network traffic of the remote network, it neither serves as DHCP server nor as default gateway. On the contrary, it pulls an IP address from the DHCP server of the remote network to become a part of that network. However, you can enable access for remote clients to your local network. For that you need to define Split Networks that are allowed to be accessed by the remote network. Additionally, you can define one or more Split Domains to be accessible. If your local domains are not publicly resolvable, you need to define a Split DNS Server, which can be queried by remote clients.
You can find examples for all the operation modes on the Deployment Helper tab.