From the below output you can state the following:
Nov 23 13:07:11 FW01 RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed idle Timeout: yyy.78.47.93/45081->yyy.78.47.93/1723 junos-pptp yyy.78.47.93/45081->192.168.1.225/1723 None inbound-pptp 6 POL-PPTP Internet trust 20294 3(152) 0(0) 20 INCONCLUSIVE INCONCLUSIVE N/A(N/A) pp0.0 UNKNOWN
- A TCP flow (IP protocol 6) packet SA=yyy.78.47.93 and DA=yyy.78.47.93 and DP=1723 hit the SRX.
- Ingress security zone=Internet, Egress=trust, ingress interface=pp0.0
- The packets matched the security policy POL-PPTP
- The DA was translated to 192.168.1.225 inbound-pptp
- 3 packets or 152 bytes were received (and forwarded ) on the ingress interface : 3(152)
- For the return traffic 0 packets were received on the Trust interface : 0(0)
- The session lasted 20s : this is the default timeout for an incomplete TCP-handshake
This is why I say that the server might not be responding, or maybe there is a problem between the SRX and the PPTP server. From the SRX, can you ping the server? Can you telnet to 192.168.1.225 port 1723? Can you do a packet capture on the firewall and see the incoming TCP SYN packets? Isn't there any firewall running on the server?
If the telnet test does work and if you are confident the server is not firewalling some source IP, then, and as someone suggested, you can also try and use a customized application that doesn't use the PPTP ALG. I am not familiar with this protocol.