Could someone explain this first section to me? I tried putting certain interfaces in certain zones to make it work, but it didn't.
Your policy must be written in the format which includes:
from zone and to zone
policy name
matching traffic
Then statement (permit)
In your case just copy directly the original policy
For internet traffic you also need that nat rule to nat the traffic to the egress interface or it will not work. Again copy that original rule
Which zone should the interface with the link to the Internet Modem go (ge-0/0/1)?
this is the untrust zone
Where should my trunk port to my switch go (ge-0/0/0)? Where should my subinterfaces on my routers trunk port go(ge-0/0/0.25, ge-0/0/0.50 and ge-0/0/0.100)? Each subinterface on the Router's ge-0/0/0 is a GateWay for the Vlans on the switch.
These can all be in the trust zone or you can create additional zones to segment traffic. A zone is a collection of interfaces/subnets that have the same security requirements. this allows us to write rules for their access and treat them as a group.
Is it enough to just add the correct interfaces into the correct zones and then one will be up and running to the Internet (just with respect to security not blocking the Internet connection)? I want to enable Internet connectivity without giving up security that can be gotten on a Juniper SRX. Is the factory default zones here give strong protection?
The factory default configuration is appropriate for a simple small location connection to the internet. You would want to maintain the screen settings on the untrust zone for security as well as setting up the internal interfaces for egress.
Tighter controls are possible but the nature of these will vary by use case and security needs.