The local clients will be assigned an address from the address-assignment pool. The protected resources behind the SRX would be able to see the pool IP addresses coming in and accessing them.
Say my local machine has the network 192.168.1.0/24 prior to any VPN connection. I connect to customer's network and am given 192.168.3.0/24 from the address-assignment pool. However the customer's network protected resources are also on 192.168.1.0/24. Since my local ethernet connection is the same network as the remote protected resources, this would cause problems, correct?
The other point I'm confused on is if the address assignment pool has to have a connected interface for routing purposes? Say we are using 10.10.10.0/24 as vlan.10 in the Trust zone. This is also the configured remote-protected-resources network.
Then we configure an address-assignment pool of 10.10.20.0/24. Does the pool need to have an assosciated interface on the device? Would the 10.10.20.0/24 network show up in the routing table?