
Showing posts from April, 2024

[Juniper SRX] IPsec VPN site-to-site with overlapping subnet

SRX Configuration:

Interface:
set interfaces ge-0/0/0 unit 0 family inet address 192.168.0.184/24
set routing-instances untrust interface ge-0/0/0.0
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ike
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
set security zones security-zone untrust interfaces lo0.0
set interfaces lo0 unit 0 family inet address 11.11.11.1/24
set routing-instances untrust interface lo0.0
set interfaces st0 unit 0 family inet address 1.1.1.1/24
set security zones security-zone untrust interfaces st0.0
set routing-instances untrust interface st0.0

Routing:
set routing-instances untrust routing-options static route 2.2.2.0/24 next-hop st0.0

VPN:
Phase1:
set security ike proposal P1 authentication-method pre-shared-keys
set security ike proposal P1 dh-group group2
set security ike proposal P1 authentication-algorithm sha-256
set security ike proposal P1 encryp