Question: Problem: Juniper VPN with one site having 2 internet connections

I am having an issue with my 2 Juniper routers that I am attempting to build a VPN between. It gets interesting in the fact that the main site has 2 untrust networks, and the current config has worked great up until now. We have a T1 and a DSL connection coming into the main site. Email and some other services come into the T1 and general browsing goes out the DSL connection. I have preference and metric set on the destination routes as you will see in the config files. Here is the issue I am having: I am trying to build the VPN from the remote site into the T1; however, it has a lower metric and preference than the DSL connection. I need to know how to correct what I am almost certain I set up incorrectly in the first place when I put this Juniper in place. I want to thank you in advance.

Answer: Problem: Juniper VPN with one site having 2 internet connections

So, so that I fully understand this:

1.1.1.1 is the T1 interface on the main FW
2.2.2.2 is the DSL interface on the main FW
3.3.3.3 is the untrust interface on the remote FW

On the main FW, the default route is being sent out the T1 interface, not the DSL.

You are trying to bring up a VPN between the remote FW and the DSL interface on the main FW.

Is that right?

If so, run the following command on the main firewall:

get route ip 3.3.3.3

to see where the packets for your remote firewall are going. I would suspect that they are going out via the T1, which has a different IP, and thus the VPN is being dropped.

If the traffic is indeed going out the T1, we need to add a route to send the traffic to the remote FW out through the DSL, i.e.

set route 3.3.3.3 interface ethernet0/1 gateway 2.2.2.5

This should then send the traffic to the remote FW out the DSL interface.

As above, get event type 536 will show us more specific VPN logs.
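The reason the host route in the answer works, shown as an added example that is not part of the original thread: a route lookup picks the longest matching prefix first, and only falls back to preference and metric to break ties between routes of equal length. A /32 for the VPN peer therefore beats both default routes no matter how their preference and metric are set. The table below is constructed from the addresses and interface names in the answer; the default-route preferences and the interface name for the T1 (ethernet0/0) are assumptions, and this is a simplified model of route selection, not ScreenOS's own code.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    """One static route entry (constructed model; lower preference and lower metric win)."""
    prefix: ipaddress.IPv4Network
    interface: str
    gateway: str
    preference: int = 20
    metric: int = 1


def lookup(table, destination):
    """Return the best route for `destination`: longest prefix, then lowest
    preference, then lowest metric. None if nothing matches."""
    addr = ipaddress.IPv4Address(destination)
    candidates = [r for r in table if addr in r.prefix]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r.prefix.prefixlen, r.preference, r.metric))


# Constructed main-site table before the fix: two default routes, T1 preferred.
# ethernet0/0 as the T1 interface and the preference values are assumptions.
ROUTES_BEFORE = [
    Route(ipaddress.ip_network("0.0.0.0/0"), "ethernet0/0", "1.1.1.5", preference=20, metric=1),
    Route(ipaddress.ip_network("0.0.0.0/0"), "ethernet0/1", "2.2.2.5", preference=40, metric=1),
]

# After the fix from the answer: "set route 3.3.3.3 interface ethernet0/1 gateway 2.2.2.5"
ROUTES_AFTER = ROUTES_BEFORE + [
    Route(ipaddress.ip_network("3.3.3.3/32"), "ethernet0/1", "2.2.2.5"),
]


def egress_for(table, destination):
    """(interface, gateway) the firewall would use for `destination`."""
    route = lookup(table, destination)
    return None if route is None else (route.interface, route.gateway)


if __name__ == "__main__":
    # Before: the peer is reached via the T1, so the VPN is sourced from 1.1.1.1.
    print("before:", egress_for(ROUTES_BEFORE, "3.3.3.3"))
    # After: the /32 overrides both defaults; other traffic still follows the default.
    print("after: ", egress_for(ROUTES_AFTER, "3.3.3.3"))
    print("other: ", egress_for(ROUTES_AFTER, "198.51.100.7"))
```

Run with `get route ip 3.3.3.3` in mind: the "before" line is the situation the answer expects to see on the real firewall, and the "after" line is what the added host route should produce, with unrelated destinations still taking the existing default.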