When building VPNs on SRX platforms, you need to be aware of the built-in proposal sets. Juniper has 3 canned proposal-sets known simply as;
basic
standard
compatible
basic
standard
compatible
basic offers DES with DH-group1 and SHA1 or MD5 authentication
NOTE: I never recommend the above for a VPN
standard offers slightly better and more proposals such as 3DES DH-group2 with sha1 or AES128 DHGRP2 and SHA1
NOTE: This is the minimum accept proposals that should be used IMHO
- compatible offers a few more options
3DES with DH-group2 SHA1
3DES with DH-group2 MD5
DES DH-group2 SHA1
DES DH-group2 md5