ok, so to recap:
ge-0/0/0 on A and D will be the gateway for the VPN
Are the internal interface addresses on these ports reachable to each other in the current network?
10.0.0.0/29 to 10.0.0.16/29
If they are you can configure directly a VPN between these two gateways
If not:
Is traffic sourced from ge-0/0/0 A/D as a gateway NATed for internet access between the sites?
Is the NAT a static address or dynamic one at each site?
Is that NAT address already in use for VPN connections or not?