Dear Den,
Sorry for not getting back to you earlier I was travelling 
.
I want to check the connectivity between the two SRXs over the VPN tunnels first .
Can you issue the following commands on the SRX-02 as they are missing from your configuration ( assuming the /77 network is connected to physical port fe-0/0/7 ) :
set security zones security-zone TRUST interfaces fe-0/0/7.0 host-inbound-traffic system-services all
set security zones security-zone TRUST interfaces fe-0/0/7.0 host-inbound-traffic protocols all
After that can you get both SRXs to ping each other using the following commands and provide us with output :
SRX-01 : > run ping source 192.168.33.24 192.168.77.1
SRX-02 : > run ping source 192.168.77.1 192.168.33.24
From your description of the problem I just want to ask, are you sure the clients in the /33 network can ping the gateway on SRX-01 ( 192.168.33.24 ) ?