05-08-2017 10:28 AM - edited 03-12-2019 02:19 AM
We need to run BGP with a third party (their requirement), so that we will dynamically lose their routes over a link if some component fails. From what I have seen, it is necessary to configure router bgp NN in the system context, then in the admin context, and finally in the specific context where it is needed. I may be wrong on needing it in the admin context; that just happened to be the example that I found online. At any rate, having configured the protocol, I notice that the neighbor never goes Active, always remaining in Idle mode. Further checking indicates that the firewall is not listening on tcp/179 for BGP:
FW26-multiple/fw26tsnfw3/act# show asp table socket
Protocol  Socket    State   Local Address     Foreign Address
TCP       00031008  LISTEN  10.41.11.36:22    0.0.0.0:*
Here is the config in the actual fw context where it is needed (this is a lab setup):
!
router bgp 26
 bgp router-id 10.1.1.1
 address-family ipv4 unicast
  neighbor 10.41.78.11 remote-as 11
  neighbor 10.41.78.11 activate
  neighbor 10.41.78.11 prefix-list routesfromxxx in
  no auto-summary
  no synchronization
 exit-address-family
!
FW26-multiple/fw26tsnfw3/act#
I wonder if I am missing some magic configuration to turn this on?
05-08-2017 11:46 AM
Try the following command:
router bgp 26
 address-family ipv4 unicast
  neighbor 10.41.78.11 ebgp-multihop 5
05-08-2017 12:41 PM
Thanks for the suggestion. Although that was not the exact problem, I realized I had the wrong third octet in my neighbor statement. So, having no connected network in the incorrect neighbor subnet must have kept the ASA from enabling BGP at all. Nice.
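An added example, not part of the original posts: a pre-deployment check that flags BGP neighbors whose address is not on any connected subnet, the condition identified in the reply above. The interface name and address in the sample are constructed assumptions (the thread shows no interface config), and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the neighbor lines come from the thread; the interface
# block is an assumption, since the thread does not show interface config.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 nameif outside
 ip address 10.41.87.1 255.255.255.0
!
router bgp 26
 address-family ipv4 unicast
  neighbor 10.41.78.11 remote-as 11
  neighbor 10.41.78.11 activate
"""

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
IP_ADDR_RE = re.compile(rf"^\s*ip address {IPV4} {IPV4}", re.M)
NEIGHBOR_RE = re.compile(rf"^\s*neighbor {IPV4} remote-as \d+", re.M)
MULTIHOP_RE = re.compile(rf"^\s*neighbor {IPV4} ebgp-multihop\b", re.M)


def connected_networks(config):
    """Return the IPv4 network of every static 'ip address <addr> <mask>' line."""
    return [ipaddress.ip_interface(f"{addr}/{mask}").network
            for addr, mask in IP_ADDR_RE.findall(config)]


def check_neighbors(config):
    """Classify each neighbor as 'connected', 'multihop' or 'not-connected'."""
    nets = connected_networks(config)
    multihop = set(MULTIHOP_RE.findall(config))
    result = {}
    for addr in NEIGHBOR_RE.findall(config):
        ip = ipaddress.ip_address(addr)
        if any(ip in net for net in nets):
            result[addr] = "connected"
        elif addr in multihop:
            result[addr] = "multihop"       # off-subnet, but declared as such
        else:
            result[addr] = "not-connected"  # likely typo or missing multihop
    return result


if __name__ == "__main__":
    for neighbor, status in check_neighbors(SAMPLE_CONFIG).items():
        print(neighbor, status)
```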
05-15-2017 08:41 AM
Did you actually test this, Ashish?