This is what happens:
root@srx-besimple> show security ike security-associations
root@srx-besimple> show security ipsec security-associations
Total active tunnels: 1
ID Algorithm SPI Life:sec/kb Mon lsys Port Gateway
<131073 ESP:aes-128/sha1 2eb2f5fd 3549/ unlim - root 500 REMOTE_IP
>131073 ESP:aes-128/sha1 cd35d6e9 3549/ unlim - root 500 REMOTE_IP
root@srx-besimple> show security ipsec security-associations index 131073
ID: 131073 Virtual-system: root, VPN Name: ipsec-vpn-besFarm
Local Gateway: LOCAL_IP, Remote Gateway: REMOTE_IP
Local Identity: ipv4_subnet(any:0,[0..7]=0.0.0.0/0)
Remote Identity: ipv4_subnet(any:0,[0..7]=0.0.0.0/0)
Version: IKEv1
DF-bit: clear
Bind-interface: st0.0
Port: 500, Nego#: 1, Fail#: 0, Def-Del#: 0 Flag: 600a29
Tunnel Down Reason: SA not initiated
Direction: inbound, SPI: 2eb2f5fd, AUX-SPI: 0
, VPN Monitoring: -
Hard lifetime: Expires in 3511 seconds
Lifesize Remaining: Unlimited
Soft lifetime: Expires in 2889 seconds
Mode: Tunnel(0 0), Type: dynamic, State: installed
Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (128 bits)
Anti-replay service: counter-based enabled, Replay window size: 64
Direction: outbound, SPI: cd35d6e9, AUX-SPI: 0
, VPN Monitoring: -
Hard lifetime: Expires in 3511 seconds
Lifesize Remaining: Unlimited
Soft lifetime: Expires in 2889 seconds
Mode: Tunnel(0 0), Type: dynamic, State: installed
Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (128 bits)
Anti-replay service: counter-based enabled, Replay window size: 64
root@srx-besimple> ping 172.16.200.1
PING 172.16.200.1 (172.16.200.1): 56 data bytes
64 bytes from 172.16.200.1: icmp_seq=0 ttl=64 time=36.879 ms
64 bytes from 172.16.200.1: icmp_seq=1 ttl=64 time=37.273 ms
64 bytes from 172.16.200.1: icmp_seq=2 ttl=64 time=38.390 ms
64 bytes from 172.16.200.1: icmp_seq=3 ttl=64 time=38.121 ms
64 bytes from 172.16.200.1: icmp_seq=4 ttl=64 time=36.714 ms
64 bytes from 172.16.200.1: icmp_seq=5 ttl=64 time=35.126 ms
64 bytes from 172.16.200.1: icmp_seq=6 ttl=64 time=34.900 ms
64 bytes from 172.16.200.1: icmp_seq=7 ttl=64 time=34.091 ms
64 bytes from 172.16.200.1: icmp_seq=8 ttl=64 time=35.901 ms
^C
--- 172.16.200.1 ping statistics ---
9 packets transmitted, 9 packets received, 0% packet loss
round-trip min/avg/max/stddev = 34.091/36.377/38.390/1.393 ms
root@srx-besimple> ping 172.16.200.10
PING 172.16.200.10 (172.16.200.10): 56 data bytes
64 bytes from 172.16.200.10: icmp_seq=0 ttl=127 time=37.649 ms
64 bytes from 172.16.200.10: icmp_seq=1 ttl=127 time=39.005 ms
64 bytes from 172.16.200.10: icmp_seq=2 ttl=127 time=41.536 ms
64 bytes from 172.16.200.10: icmp_seq=3 ttl=127 time=40.515 ms
64 bytes from 172.16.200.10: icmp_seq=4 ttl=127 time=39.406 ms
64 bytes from 172.16.200.10: icmp_seq=5 ttl=127 time=36.777 ms
64 bytes from 172.16.200.10: icmp_seq=7 ttl=127 time=41.095 ms
^C
--- 172.16.200.10 ping statistics ---
8 packets transmitted, 7 packets received, 12% packet loss
round-trip min/avg/max/stddev = 36.777/39.426/41.536/1.638 ms
root@srx-besimple> ping 172.16.200.10
PING 172.16.200.10 (172.16.200.10): 56 data bytes
^C
--- 172.16.200.10 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
root@srx-besimple> ping 172.16.200.1
PING 172.16.200.1 (172.16.200.1): 56 data bytes
^C
--- 172.16.200.1 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
root@srx-besimple> show security ipsec security-associations index 131073
ID: 131073 Virtual-system: root, VPN Name: ipsec-vpn-besFarm
Local Gateway: LOCAL_IP, Remote Gateway: REMOTE_IP
Local Identity: ipv4_subnet(any:0,[0..7]=0.0.0.0/0)
Remote Identity: ipv4_subnet(any:0,[0..7]=0.0.0.0/0)
Version: IKEv1
DF-bit: clear
Bind-interface: st0.0
Port: 500, Nego#: 1, Fail#: 0, Def-Del#: 0 Flag: 600a29
Tunnel Down Reason: SA not initiated
Direction: inbound, SPI: 2eb2f5fd, AUX-SPI: 0
, VPN Monitoring: -
Hard lifetime: Expires in 3405 seconds
Lifesize Remaining: Unlimited
Soft lifetime: Expires in 2783 seconds
Mode: Tunnel(0 0), Type: dynamic, State: installed
Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (128 bits)
Anti-replay service: counter-based enabled, Replay window size: 64
Direction: outbound, SPI: cd35d6e9, AUX-SPI: 0
, VPN Monitoring: -
Hard lifetime: Expires in 3405 seconds
Lifesize Remaining: Unlimited
Soft lifetime: Expires in 2783 seconds
Mode: Tunnel(0 0), Type: dynamic, State: installed
Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (128 bits)
Anti-replay service: counter-based enabled, Replay window size: 64
Does it make any sense?
Marco