If I understand this correctly I should be able to do this. But I've been wrong before...
I use a SRX550 for multiple route based VPN's. In they have been set up with 1 public ip on the outbound interface, then bind the tunnel to it etc etc.
My question is... Can I have more than 1 VPN on the interface?
For example:
ge-0/0/0 address 1.1.1.1
Tunnel 1:
ike-policy IKE-policy-12345;
address 100.100.100.100;
dead-peer-detection;
external-interface ge-0/0/0;
Of course all the other good stuff that goes with the Tunnel...
Then Tunnel2:
ike-policy IKE-policy-54321;
address 200.200.200.200;
dead-peer-detection;
external-interface ge-0/0/0;
+++ the rest of the config.
Basically I'd make sure there are no duplicates for external IP's EXECPT for the interface going out to the outside world.
Does that make sense? Can this be done?