iBGP setup

kejeusa
Level 1

Here's the task at hand. I need to create an iBGP session between my 2 external routers through my internal/border firewalls. The setup is:

ISP-A > WAN1 > FW1 >< FW2 < WAN2 < ISP-B

My virtual setup worked fine, but now the test production is having issues. Also, the firewalls are not running any routing, just NAT, and are Checkpoint. Any ideas? I would hate to do an iBGP peering through the internet.

6 Replies

senthil_kumarpv
Level 1

Hi,

Need clarification: are you able to ping WAN2 from WAN1 and vice versa? If so, there is no issue in creating the iBGP session (we need IP reachability first). Are there any routes in the firewall?

There are routes in the firewalls pointing, but I'm no firewall expert. I can ping WAN1 from FW2 and vice versa. I will look further at the rules and logs to see what else is going on with it.

NLRI is now up from both sides; pings and telnet work. I see the TCP sessions for BGP passing as well, but no peering. I have been debugging BGP for a while now and am starting to run out of ideas.

So you're doing NAT; are your routers set up to peer with the NATed IP or the true IP of the box?

Also, can both routers make a connection to each other? Meaning, can R1 connect to R2 and can R2 connect to R1? This is needed because BGP TCP collisions occur, where both routers each form a TCP connection with each other, and the convention is for the router with the lower router ID to disconnect its session. If you can only form your TCP connection in one direction, this may be causing your problem. If this is the source of your problem, you can either allow the session in the other direction or change the router ID of the lower router to now be higher than the peer's.
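Added example (not from the thread or either poster): a small Python model of the two points raised in the reply above, namely that a router only accepts a BGP connection whose source address matches a configured neighbor (so behind NAT the peer must be configured as the address the router actually sees), and that when both routers open a connection at once the RFC 4271 section 6.8 collision rule keeps the connection initiated by the higher BGP Identifier. The addresses, router IDs, static NAT entries and rule-base entries are constructed assumptions, and the firewall behaviour (static NAT rewriting the source on every crossing) is a simplification of what a Checkpoint pair would do.

```python
"""Added example, not from the thread: a small model of why an iBGP session
through a NATing firewall pair only comes up when each router peers with the
address it actually sees, and how RFC 4271 section 6.8 settles the TCP
connection collision when both routers open a session at once.
Every address, router ID, NAT entry and rule below is a constructed assumption."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Router:
    name: str
    real_ip: str     # address on the router's own WAN interface
    router_id: str   # BGP Identifier carried in the OPEN message
    neighbor: str    # address configured with 'neighbor <x> remote-as'


@dataclass
class FirewallPair:
    """FW1/FW2 between WAN1 and WAN2: static NAT plus a tcp/179 rule base."""
    static_nat: dict   # real address -> exposed (translated) address
    allowed: set       # (initiator, responder) router-name pairs allowed for tcp/179

    def forward(self, pkt_src, pkt_dst):
        """Translate a packet crossing the firewalls.
        Returns (source as the far side sees it, real destination) or None if dropped."""
        exposed_to_real = {v: k for k, v in self.static_nat.items()}
        src = self.static_nat.get(pkt_src, pkt_src)   # static NAT hides the real source
        if pkt_dst in exposed_to_real:                # destination was the exposed address
            return src, exposed_to_real[pkt_dst]
        if pkt_dst in self.static_nat:                # routed straight to the real address
            return src, pkt_dst
        return None


def try_open(initiator, responder, fw):
    """One router's attempt to open tcp/179 to its configured neighbor."""
    if (initiator.name, responder.name) not in fw.allowed:
        return False, "SYN dropped by the firewall rule base"
    hop = fw.forward(initiator.real_ip, initiator.neighbor)
    if hop is None or hop[1] != responder.real_ip:
        return False, f"{initiator.neighbor} does not reach {responder.name}"
    src_seen, _ = hop
    if src_seen != responder.neighbor:   # routers reject connections from unconfigured peers
        return False, f"{responder.name} sees source {src_seen} but expects neighbor {responder.neighbor}"
    return True, f"{responder.name} accepts the connection from {src_seen}"


def higher_router_id(a, b):
    """RFC 4271 6.8: the side with the lower BGP Identifier closes the connection it
    opened, so the connection initiated by the higher Identifier is the one kept."""
    return a if int(ipaddress.IPv4Address(a.router_id)) > int(ipaddress.IPv4Address(b.router_id)) else b


def peering_outcome(r1, r2, fw):
    """Return (name of the router whose connection carries the session, or None, diagnostics)."""
    diag, live = [], []
    for a, b in ((r1, r2), (r2, r1)):
        ok, why = try_open(a, b, fw)
        diag.append(f"{a.name}->{b.name}: {why}")
        if ok:
            live.append(a)
    if not live:
        return None, diag
    if len(live) == 1:
        diag.append("only one connection exists, so no collision")
        return live[0].name, diag
    winner = higher_router_id(r1, r2)
    loser = r2 if winner is r1 else r1
    diag.append(f"collision: {loser.name} (lower router ID) drops its own connection, "
                f"the session opened by {winner.name} survives")
    return winner.name, diag


# Constructed topology: WAN1 (R1) and WAN2 (R2) behind the FW1/FW2 pair with static NAT.
NAT = {"10.1.1.1": "192.0.2.1", "10.2.2.2": "198.51.100.2"}
BOTH_WAYS = {("R1", "R2"), ("R2", "R1")}


def scenario_real_ips():
    """Peer with the real addresses: the firewall rewrites the source, so neither side
    recognises the incoming connection."""
    r1 = Router("R1", "10.1.1.1", "10.1.1.1", neighbor="10.2.2.2")
    r2 = Router("R2", "10.2.2.2", "10.2.2.2", neighbor="10.1.1.1")
    return peering_outcome(r1, r2, FirewallPair(NAT, BOTH_WAYS))


def scenario_exposed_ips(allowed=BOTH_WAYS):
    """Peer with the exposed (NATed) addresses; with both directions open the collision
    rule decides which connection survives."""
    r1 = Router("R1", "10.1.1.1", "10.1.1.1", neighbor="198.51.100.2")
    r2 = Router("R2", "10.2.2.2", "10.2.2.2", neighbor="192.0.2.1")
    return peering_outcome(r1, r2, FirewallPair(NAT, allowed))


if __name__ == "__main__":
    for label, result in (("real IPs, both directions", scenario_real_ips()),
                          ("exposed IPs, both directions", scenario_exposed_ips()),
                          ("exposed IPs, only R1->R2", scenario_exposed_ips({("R1", "R2")}))):
        session, diag = result
        print(f"{label}: session via {session}")
        for line in diag:
            print("   ", line)
```

The model is a way to reason about what `debug ip bgp` should be showing, not a replacement for it: in the real-IP scenario the receiving router sees a connection from the translated source address and has no matching neighbor statement, so the TCP handshake can complete at the firewall while BGP itself never forms; in the exposed-IP scenario with both directions permitted, the connection closed during collision resolution is the one opened by the lower router ID, which is the "disconnect" the reply describes.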

They are set up to peer with the real IP address. When I was building this in the test lab they wouldn't peer with the exposed NATed address, so I had to go with the real one. I have changed the rule so only one side can build the session. Before, I had it going both ways (seeing a lot of those disconnects as you mentioned).

Hilarious: when I built this design in the virtual setup I had configured it to use the exposed IP (which didn't work), so I rolled to the real IP, which did work. Now in the real lab using the real IP doesn't work but the exposed IP does.
