Juniper SRX210 - IPSec and LAN

[outspoken]

Hey all,

I have a Juniper SRX210HE which has an IPSec VPN tunnel to Amazon's AWS cloud. While on the router I can ping and ssh to the private network in the cloud but I can't connect from my local LAN. I'm definitely missing a route between myself and the tunnel gateway but I'm a bit lost on what goes where.

My current network routes as display by the Juniper:

10.10.0.0 - st0.1 - 169.254.255.73 - amazon.vpn.ip.one
10.10.0.0 - st0.2 - 169.254.255.77 - amazon.vpn.ip.two

set routing-options static route 10.10.10.0/24 next-hop st0


10.0.1.0/24        *[Direct/0] 3d 03:32:50
                    > via vlan.0
10.0.1.1/32        *[Local/0] 3d 03:33:05
                      Local via vlan.0
10.10.0.0/16       *[BGP/170] 3d 03:32:06, localpref 100
                      AS path: 7224 I
                    > to 169.254.255.77 via st0.2
                    [BGP/170] 3d 03:32:01, localpref 100
                      AS path: 7224 I
                    > to 169.254.255.73 via st0.1
169.254.255.72/30  *[Direct/0] 3d 03:33:05
                    > via st0.1
169.254.255.74/32  *[Local/0] 3d 03:33:05
                      Local via st0.1
169.254.255.76/30  *[Direct/0] 3d 03:33:05
                    > via st0.2
169.254.255.78/32  *[Local/0] 3d 03:33:05
                      Local via st0.2

 

[outspoken]

To answer my own question I created a route from 10.10/16 to st0.1 and st0.2