Multiple subnets in SRX route-based VPN
By default, the proxy-id on an SRX route-based VPN is 0.0.0.0/0 when it is not explicitly configured. This is an issue when the remote peer is a third-party device such as a Cisco ASA. When there is only one network at the remote side and one network at the local side, configuring an explicit proxy-id resolves the issue. When there are multiple subnets at either the remote or the local side, older SRX versions can't be configured with multiple proxy-ids; only recently released SRX firmware supports multiple proxy-ids, through a feature called Traffic Selector. Here I focus on the older SRX versions that don't support Traffic Selector. When there are multiple networks at the local side, the first thing to try is to supernet these networks, then discuss with the peer administrator whether he/she can use the supernet as the proxy-id. In the Cisco world, this means the remote ASA needs to use the supernet in the interesting-traffic ACL (also called the VPN ACL); its interface ACL should continue to use
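The supernetting step described above, as an added example that is not part of the original post: it computes the smallest single prefix covering a set of local subnets and lists the address space inside that prefix that belongs to none of them, since that space also falls inside the proxy-id both peers agree on. The subnets are constructed sample values and the function names are hypothetical.

```python
import ipaddress


def smallest_supernet(subnets):
    """Return the smallest single prefix that covers every subnet given."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    if len({n.version for n in nets}) != 1:
        raise ValueError("cannot supernet a mix of IPv4 and IPv6 subnets")
    candidate = nets[0]
    # Widen the prefix one bit at a time until all subnets fit inside it.
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate


def uncovered_space(supernet, subnets):
    """Return prefixes inside the supernet that belong to none of the subnets."""
    remaining = [supernet]
    local = ipaddress.collapse_addresses(ipaddress.ip_network(s) for s in subnets)
    for net in local:
        next_remaining = []
        for block in remaining:
            if net.subnet_of(block):
                # Carve the local network out of this block, keep the rest.
                next_remaining.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                next_remaining.append(block)  # disjoint, keep untouched
        remaining = next_remaining
    return sorted(remaining)


if __name__ == "__main__":
    # Constructed sample: three local networks behind the SRX.
    local_subnets = ["10.1.0.0/24", "10.1.1.0/24", "10.1.3.0/24"]
    proxy_id = smallest_supernet(local_subnets)
    print("candidate local proxy-id:", proxy_id)
    for extra in uncovered_space(proxy_id, local_subnets):
        print("inside the proxy-id but not a local network:", extra)
```

A non-empty second list is worth raising with the peer administrator, because the agreed proxy-id then describes more address space than the networks that actually exist locally.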