I have checked the possible reasons in the link, but it doesn't work.
There is no high delay in the networks, and the network latency is 30~40 ms between VPN peers.
There are no high loads of traffic.
I have already set the TCP-MSS to 1350.
I captured the ESP packets received from Hillstone and reviewed them in Wireshark. The ESP sequence is pretty good. Only 1 or 2 packets are in the wrong order occasionally, and the replay window on the SRX550 is 64.
If you have confirmed in Wireshark that the replay messages are in error, that means there is a software bug in the version of Junos you are running for the replay detect.
Your options are to turn replay detection off or find out from JTAC what version you need to upgrade Junos to get the fix for the bug. They will need to search the PR database and let you know what version it appears in and where it is fixed.
Steve Puluka BSEET - Juniper Ambassador IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP) http://puluka.com/home
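
As an added example (not part of the original thread and not Junos code): a sketch of the sliding-window anti-replay check described in RFC 4303, which can be run over ESP sequence numbers exported from a capture to see which packets a 64-packet window would reject. The function names and the sample sequences are constructed for illustration.

```python
from collections import Counter

def replay_check(seqs, window=64):
    """Classify each ESP sequence number against a sliding anti-replay window.

    Follows the bitmap scheme in RFC 4303: bit i of `bitmap` is set when
    sequence number (top - i) has already been accepted.
    """
    top = 0                      # highest sequence number accepted so far
    bitmap = 0
    mask = (1 << window) - 1
    results = []
    for seq in seqs:
        if seq == 0:
            verdict = "drop: zero"           # ESP sequence numbers start at 1
        elif seq > top:
            # New highest: slide the window forward and mark this packet.
            bitmap = ((bitmap << (seq - top)) | 1) & mask
            top = seq
            verdict = "accept"
        else:
            offset = top - seq
            if offset >= window:
                verdict = "drop: too old"    # fell off the left edge
            elif bitmap & (1 << offset):
                verdict = "drop: replay"     # already seen inside the window
            else:
                bitmap |= 1 << offset
                verdict = "accept: reordered"
        results.append((seq, verdict))
    return results

def summarize(seqs, window=64):
    """Count verdicts for a whole capture."""
    return Counter(v for _, v in replay_check(seqs, window))

if __name__ == "__main__":
    # Constructed sample: occasional 1-2 packet reordering, as in the capture
    # described above. Nothing should be dropped with a 64-packet window.
    mild = [1, 2, 3, 5, 4, 6, 7, 9, 8, 10]
    print(summarize(mild))
    # Constructed sample: packet 20 arrives 80 packets late, outside the window.
    late = list(range(1, 20)) + list(range(21, 101)) + [20]
    print(replay_check(late)[-1])
```

If every sequence number from the capture comes back as accepted here while the device still logs replay errors, that supports the case to take to JTAC.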