SRX to SSG5 Route-based VPN with GRE?


Alright, so here it goes:

 

I nailed up a simple lab environment, after a few failed attempts, and now successfully have a functional Route-based IPSEC Tunnel between an SRX100B and SSG5. The code on the SSG5 is the latest release, and the SRX isn't that far behind either.

 

Now that I've conquered such, I wanted to take it to the next level and incorporate dynamic routing, namely OSPF, by creating about 10 fictitious subnets on each side ---- using a single Area. (Yes, I just want to keep it simple for now). 

 

The confusion is about GRE? I noticed in the following Juniper forum, someone recommended using a 2014 DayOne Cookbook, in which they clearly lay out how to establish OSPF over IPSEC between SRX and SSG5 (see Recipe #12 under "DAY ONE: JUNIPER AMBASSADORS’ COOKBOOK FOR 2014") ... but not once do they mention configuration of a GRE tunnel? Strange?? I'm finding highly subjective info around the community between different vendors, and I want to get an authoritative answer on this if possible. As a caveat, I do prefer to run GRE to ensure OSPF is securely encapsulated ... I just want to understand the constraints entirely.

 

Secondly, I read that GRE over IPSEC is possible between SRX/SSG5, you just need to ensure that the GRE tunnel is created prior to the IPSEC tunnel, otherwise it may lead to connectivity issues. As defined here: https://kb.juniper.net/InfoCenter/index?page=content&id=KB19954&actp=search

 

So I guess, in conclusion, what is the proper way to do this? 

 

The IPSEC tunnel is currently alive and well between SRX100B and SSG5; disregard the J series router in place of the SRX in the graphic below:

 

 Capture.PNG

 

 

