I am configuring an SRX240H2 to connect to an upstream provider. So far, I have put the st0.0 in a vpn zone, and am using the lo0.0 as the external interface (like an unnumbered tunnel).
The challenge that I am having is that I need to configure eBGP through the VPN (route-based) tunnel to the other side. Can I just use the same lo0.0 interface for the BGP local address? On my ScreenOS box that I am replaceing, I can have multiple loopbacks so that I can have both an unnumbered tunnel off a loopback and the BGP off another loopback.
I get this error on commit:
'unit 1'
if_instance: Multiple loopback interfaces not permitted in master routing instance
error: configuration check-out failed
I know that means that I have to now create two routing instances, but 1. I don't know how to do that (don't understand fully) and 2. Is there a way around that so that I can have both BGP through the VPN tunnel and the loopbacks?
Thank you
#vpn#BGP#loopback#IPSec