BGP - Tunnel Firewall Configuration /device J/SRX/LN Enable BGP on the headend tunnel firewall for the given stores (NOTE: Use 3 digit store numbers, separated by a comma). Single true true true true 1 routing-instances { vpn { protocols { bgp { #foreach ($STORE in $LOCATIONS.split(", ")) group Store-$STORE { peer-as 63$STORE; neighbor $PEER; } #end } } } } LOCATIONS Locations Text Field Use 3 digit store number, separate by a comma. 1 PEER Peer Invisible Field IP address of the store firewall st0.1 interface. /device/configuration/interfaces/interface[name='st0']/unit[name='2']/family/inet/next-hop-tunnel[contains(ipsec-vpn, '$STORE')]/name/text() 2 STORE Store Invisible Field Store number (automatically obtained). 3