Hi everyone,
I'm trying to set up active-active tunnels to Azure from a single SRX... and make those work with BGP. For now,
![](https://higherlogicdownload.s3.amazonaws.com/JUNIPER/MessageImages/f72897af95014e83925e0f789811169b.png)
I have the 2 tunnels (st0.8 and st0.9) and added the static routes to the other side for BGP (static route 172.16.10.228 / 172.16.10.229), but on the Azure side I only have 1 Local Network Gateway (my public IP + 172.16.5.1 as the BGP peer IP), so I cannot create multiple entries for other BGP peerings.
![](https://higherlogicdownload.s3.amazonaws.com/JUNIPER/MessageImages/5af4a9cbc8e3459b8f11f0e02682fd2e.png)
On-premises, I used 172.16.5.1 as the BGP local-address to be used by both tunnels.
I see both VPN tunnels connect, but one of the BGP comms is not coming online at all; it stays in Connect mode (229), and when the tunnel fails over to the 2nd gateway / VPN tunnel I lose all connectivity as BGP is dropped as well.
![](https://higherlogicdownload.s3.amazonaws.com/JUNIPER/MessageImages/45752fb64966450dbb7bb4ca6bcd0025.png)
Any idea why it would not work? In my routing options I use:
route 172.16.10.228/32 next-hop st0.8;
route 172.16.10.229/32 next-hop st0.9;
But perhaps it's the return route? Would I need to create 2 different BGP local-addresses and use those?
And on this topic, some other vendors use APIPA BGP IP addresses. How would that work in Juniper, and could that resolve it?
------------------------------
Roelf Zomerman
------------------------------