Channel: All SRX Services Gateway posts

Re: SRX345 VPN issues with Cisco SA520W


Hi ea-aua,

 

Can you hardcode the source and destination IP addresses that will be used by VPN monitoring:

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB10119

 

Make sure they are within the subnets that are allowed to transmit traffic over the VPN: 192.168.1.0/24 and 192.168.7.0/24. You can use something like this:

 

set security ipsec vpn ike-vpn-BON vpn-monitor destination-ip 192.168.7.254 source-interface irb.2 optimized

I am assuming that 192.168.7.254 is an IP address on an interface of the ASA. If the problem is still happening, try to disable VPN-monitoring on the SRX for testing purposes.

 

I will also highly suggest configuring your VPN using traffic-selectors on the SRX side and matching them with the ASA ACLs:

 

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-traffic-selectors-in-route-based-vpns.html

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB28820
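
An offline check of the advice in the post above, added here as an example (it is not code from the post or from Juniper): it reads Junos `set` lines and reports any VPN whose monitor probe would fall outside every traffic-selector. The selector name `TS-LAN`, the choice of 192.168.1.0/24 as the local side, and the `irb.2` address 192.168.1.1 are assumptions made for the sample input.

```python
import ipaddress
import re

# Constructed sample. The vpn-monitor line is the one from the post; the
# traffic-selector name TS-LAN, which subnet is local, and the irb.2 address
# are assumptions made for this example.
SAMPLE_CONFIG = """\
set security ipsec vpn ike-vpn-BON vpn-monitor destination-ip 192.168.7.254 source-interface irb.2 optimized
set security ipsec vpn ike-vpn-BON traffic-selector TS-LAN local-ip 192.168.1.0/24
set security ipsec vpn ike-vpn-BON traffic-selector TS-LAN remote-ip 192.168.7.0/24
"""
SAMPLE_INTERFACE_IPS = {"irb.2": "192.168.1.1"}

VPN_RE = re.compile(r"^set security ipsec vpn (\S+) (vpn-monitor|traffic-selector)\b(.*)$")
MONITOR_OPT_RE = re.compile(r"\b(destination-ip|source-interface) (\S+)")
SELECTOR_OPT_RE = re.compile(r"\b(local-ip|remote-ip) (\S+)")


def check_vpn_monitor(config, interface_ips):
    """Return findings for monitor probes that no traffic-selector would carry."""
    monitors, selectors = {}, {}
    for line in config.splitlines():
        m = VPN_RE.match(line.strip())
        if not m:
            continue
        vpn, kind, rest = m.groups()
        if kind == "vpn-monitor":
            # Options may arrive on one line or split across several set lines.
            monitors.setdefault(vpn, {}).update(MONITOR_OPT_RE.findall(rest))
        elif rest.split():
            ts = selectors.setdefault(vpn, {}).setdefault(rest.split()[0], {})
            for key, net in SELECTOR_OPT_RE.findall(rest):
                ts[key] = ipaddress.ip_network(net)
    findings = []
    for vpn, mon in monitors.items():
        dst, ifname = mon.get("destination-ip"), mon.get("source-interface")
        if dst is None or ifname is None:
            findings.append(f"{vpn}: destination-ip or source-interface not hardcoded")
        elif ifname not in interface_ips:
            findings.append(f"{vpn}: no address known for {ifname}")
        else:
            src, dst = ipaddress.ip_address(interface_ips[ifname]), ipaddress.ip_address(dst)
            # The probe is carried only if one selector covers both endpoints.
            if not any(src in ts.get("local-ip", ()) and dst in ts.get("remote-ip", ())
                       for ts in selectors.get(vpn, {}).values()):
                findings.append(f"{vpn}: probe {src} -> {dst} matches no traffic-selector")
    return findings
```
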

 

