The triggering point for the IPSec traffic is the policy "From zone: DMZ, To zone: untrust", which is the transit traffic,
When you ping from SRX itself it is a self generated traffic and wont hit policy.
To confirm this you can check if the policy counter is incrementing while you do the ping "show security policies hit-count".
-IE