I have this same problem and would really love to figure this out. The SRX deletes the SA after a couple minutes, then Shrew reports that the gateway is not responding and disconnects. Running Wireshark and I am not seeing Heartbeats or any packets for that matter that are coming from the SRX. From the IKE traceoption is appears that the SRX is receiving DPD packets from Shrew client.
10.4R8.5 with shrew 2.2.0.
Juniper Networks Access Manager works fine with dynamic VPN.
I got the same problem with Shrew and SRX: disconnects consistently after 200 sec.
The workaround is to set Phase1 key life time to 180 sec while keeping Phase2 key life time on default 28800. This will force a rekey before the SA is deleted from the SRX. Tunnel connectivity is not disrupted and the tunnels stays up.
Have been testing the tunnel using icmp for the last hour and get occasional spikes of 70ms delay, I guess because of the rekey (min latency is 35ms and avg is 40ms).
Tested with SRX210H running Junos 11.4r2.1 and Shrew 2.1.6 on Windows and on Linux (Ubuntu).
