I would like to see an update on this also.

I wish I could say there was a resolution but everything Juniper support had me try did not work.  I was checking here just today to see if anyone came up with a solution.

Hey everyone,

I know this post is very old, but maybe it's still interesting for someone :-) I got the same alert:

[00001] 2011-09-07 00:02:05 [Root]system-alert-00026: IPSec tunnel on interface ethernet0/0 with tunnel ID 0xe received a packet with a bad SPI. 108.xxx.xxx.xxx->212.xxx.xxx.xxx/xx, ESP, SPI 0xaba9519d, SEQ 0x1.

After comparing the settings on both sides, it turned out that the lifetime (phase 2 proposal) of the encryption key was set to different values - 3600 seconds on the remote side (108.xxx.xxx.xxx), 28800 seconds here on my side (212.xxx.xxx.xxx). So I modified the settings, set them to the same value and - what a surprise - it works, the alerts disappeared.

I hope I could help someone with this post.

Florian