Hi,
We have a VPN on our SRX firewall, and its peer device is a Cisco ASA. We are using policy-based VPN and there are three subnets/proxy-IDs. We configured 3 security policies for each subnet, so that each subnet would have its own proxy-ID. All 3 local subnets/proxy-IDs work at the same time for a while, but after hours, or I think when the lifetime expires, 2 of the subnets/proxy-IDs drop and only one remains. What we do to bring up the other 2 subnets/proxy-IDs again is to reset the tunnel and ask our peer site to initiate a ping to our local gateway address; after that, all 3 of the subnets/proxy-IDs come up again. Also, when we reset the tunnel and we initiate the ping, the tunnel does not come up, but when our peer site is the one to initiate the ping, the tunnel comes up. I also see in "show security ike sa detail" that our firewall is the responder.
My questions are: how can we make our firewall the initiator, why do the other 2 local subnets/proxy-IDs drop after hours while the other one remains, and how can we stabilize the other 2 local subnets/proxy-IDs? Attached is the config of our VPN. Please help. Thanks.