Setting up a Sophos UTM <–> Sophos UTM as RED, can be little tricky, because you have to use seperate “Red-Tunnel”  ip addresses for the RED interfaces and have to setup static routing and firewall rules, but Sophos made some KB’s describing this, and this one is the best, going from the beginning to the very end 😉 :
https://www.sophos.com/de-de/support/knowledgebase/120157.aspx
This can some time be of some advantage, it you have Wireless Security subscription in one end, but have Sophos AccessPoint in the other, where the is no license for this.
You cannot forward the “Magic IP” (1.2.3.4) for Wifi management through a IPSEC tunnel, so therefore the above can make you achieve this 🙂
