VPN Monitoring -

When you enable VPN monitoring for a specific tunnel, the security device sends ICMP echo requests (or “pings”) through the tunnel at specified intervals (configured in seconds) to monitor network connectivity through the tunnel.
When Optimized is selected, the VPN monitoring behavior changes as follows:

• The J Series or SRX Series device accepts incoming traffic through the VPN tunnel as a substitute for ICMP echo replies.
• If there is both incoming and outgoing traffic through the VPN tunnel, the J Series or SRX Series device suppresses VPN monitoring pings.

 If you enable VPN monitoring optimization, be aware that VPN monitoring can no longer provide accurate SNMP statistics.
 Configure via CLI:

set security ipsec vpn <vpn-name> vpn-monitor optimized