VXLAN between two OPNsense

[mic]

Hi,

I need to configure VXLAN between two OPNsense. This is my situation
OPNsense A as a phisical Firewall in head office

IP Public: a.a.a.a
LAN 1: 192.168.100.1/24
VLAN 200: 192.168.200.1/24
VLAN 210: 192.168.210.1/24
VLAN 220: 192.168.220.1/24

OPNSense B as VM in a DC:

IP Public: b.b.b.b
LAN 1: 192.168.2.1/24

Mi goal is to transport VLANs 200, 210 and 220 of Firewall A to Firewall B in DC so as to allow VLANs 200, 210 and 220 to surf the Internet through Firewall B using its IP Public b.b.b.b .

For various reasons I cannot use any other VPN than VXLAN

I tried some configuration but without luck.

Could you help me, please?

Thank you

[bartjsmit]

I tried some configuration but without luck.

That's a bit vague - what did you try and what did (not) work?

[mic]

bartjsmit you are right!  ;D

This is my configuration.

Firewall A

VXLAN

VNI: 100200
Source Address: a.a.a.a
Source port: 5248
Remote address: b.b.b.b
Remote port: 5248
Multicast group: none
Device: none

I assigned (without IP address) and activated an interface using as device VXLAN_100200
I created a bridge with members VXLAN_200 and VLAN_200
On WAN interface:

Protocol: IPv4 UDP
Source: b.b.b.b
Destination: a.a.a.a (WAN Address)
Destination port: 5248

Firewall B

VXLAN:

VNI: 100200
Source Address: b.b.b.b
Source port: 5248
Remote address: a.a.a.a
Remote port: 5248
Multicast group: none
Device: none

I assigned (without IP address) and activated an interface using as device VXLAN_100200
On Firewall B I have no VLANs to associate with VXLAN 100200

On WAN interface:

Protocol: IPv4 UDP
Source: a.a.a.a
Destination: b.b.b.b (WAN Address)
Destination port: 5248

On both Firewall in rules for VXLAN interface I add only one rule, permit any to any

First of all, I think there is some missing configuration on Firewall B...

Thank you