Hello ,
First of all , in SRX the Security Policy and the Destination NAT are 2 different components unlike SSG where they are intergrated .
In SRX the Destination NAT rule hits first and the destination IP will be getting conversted to the Configured LAN IP .
So the security policy Should be from Zone "Untrust " and to zone " Trust " if the LAN IP falls on the trust zone .
I hope you got what need to be done .