I am sorry but I have given you a typo. I meant to say:
set security nat proxy-arp interface fe-0/0/2.0 address 192.168.0.30/32 to 192.168.0.35/32
not:
set security nat proxy-arp interface fe-0/0/2.0 address 192.168.0.30/32 to 192.169.0.35/32
I am surprised this caused a problem but I have just labbed it up and sure enough it stops it from working.
So, I have taken your configuration and of course I had to replace your passwords as I cannot read them. Apart from that the config is the same. I connected a device to fe-0/0/2 with IP address 192.168.0.200. I connected a router to the public address and a PC to another interface on that router with address 10.1.1.250. I did this so that the PC would not be directly connected to the SRX to give a more realistic scenario. The router has no knowledge of the 192.168.0.0/24 network. I have installed Pulse on the PC and was able to login with the password that I replaced yours with.
I am able to ping myself (.33), the default gateway (.1) and the other device (.200). I have attached the results.
On the SRX:
lab@VPN02> show security ike security-associations
Index State Initiator cookie Responder cookie Mode Remote Address
4330041 UP d1c336ecba409d6e 7e1c2b75f5fc1298 Aggressive 10.1.1.250
lab@VPN02> show security ipsec security-associations
Total active tunnels: 1
ID Algorithm SPI Life:sec/kb Mon lsys Port Gateway
<268173316 ESP:aes-cbc-128/sha1 2b233cd 2873/ 499951 - root 52740 10.1.1.250
>268173316 ESP:aes-cbc-128/sha1 1c0e4634 2873/ 499951 - root 52740 10.1.1.250
lab@VPN02> show security ike active-peer
Remote Address Port Peer IKE-ID XAUTH username Assigned IP
10.1.1.250 52740 rcarongtSRX-GW rcarongt 192.168.0.33
lab@VPN02> show security dynamic-vpn users
User: rcarongt , Number of connections: 1
Remote IP: 10.1.1.250
IPSEC VPN: startup_rvpn
IKE gateway: gw_startup_rvpn
IKE ID : rcarongtSRX-GW
IKE Lifetime: 28800
IPSEC Lifetime: 3600
Status: CONNECTED
In answer to your question regarding the use of /32 even though the network is a /24, this is because you are defining host addresses and not networks. I have also tried configuring it to /24 rather than /32 and it also seems to work but this is not the configuration I have seen from Juniper.
One more point - you may wish to change the configuration to reflect the following:
[edit]
lab@VPN02# show security dynamic-vpn
access-profile remote_access_profile;
clients {
startup_rvpn_group {
remote-protected-resources {
192.168.0.0/24;
}
remote-exceptions {
0.0.0.0/0;
}
ipsec-vpn startup_rvpn;
user {
rcarongt;
}
}
}
This will mean your client will only use the VPN to access the 192.168.0/24 network and will bypass the tunnel to access all other addresses, for example the Internet.
Again, apologies for the typo but I can confirm that if this is corrected, it should work.