Channel: SRX Services Gateway topics

Client to LAN VPN error


I'm trying to set up a client-to-LAN VPN to a web server behind an SRX100. The tunnel is not coming up, and I'm getting the following error when collecting traceoptions for the tunnels:

[May 24 14:33:53]ikev2_packet_allocate: Allocated packet e0d800 from freelist
[May 24 14:33:53]ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library
[May 24 14:33:53]ike_get_sa: Start, SA = { b76149a8 bb4f7250 - 00000000 00000000 } / 00000000, remote = 10.128.137.2:500
[May 24 14:33:53]ike_sa_allocate: Start, SA = { b76149a8 bb4f7250 - ba1ee5c3 23a0bb27 }
[May 24 14:33:53]ike_init_isakmp_sa: Start, remote = 10.128.137.2:500, initiator = 0
[May 24 14:33:53]ike_decode_packet: Start
[May 24 14:33:53]ike_decode_packet: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f} / 00000000, nego = -1
[May 24 14:33:53]ike_decode_payload_sa: Start
[May 24 14:33:53]ike_decode_payload_t: Start, # trans = 3
[May 24 14:33:53]ike_st_i_vid: VID[0..20] = 01528bbb c0069612 ...
[May 24 14:33:53]ike_st_i_vid: VID[0..20] = 1e2b5169 05991c7d ...
[May 24 14:33:53]ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ...
[May 24 14:33:53]ike_st_i_vid: VID[0..16] = 90cb8091 3ebb696e ...
[May 24 14:33:53]ike_st_i_vid: VID[0..16] = 4048b7d5 6ebce885 ...
[May 24 14:33:53]ike_st_i_vid: VID[0..16] = fb1de3cd f341b7ea ...
[May 24 14:33:53]ike_st_i_vid: VID[0..16] = 26244d38 eddb61b3 ...
[May 24 14:33:53]ike_st_i_vid: VID[0..16] = e3a5966a 76379fe7 ...
[May 24 14:33:53]ike_st_i_sa_proposal: Start
[May 24 14:33:53]iked_pm_dynamic_gw_local_addr_based_lookup: Found gateway matching local addr IKE_GW for remote dynamic peer, sa_cfg[IPSEC_VPN]
[May 24 14:33:53]ike_isakmp_sa_reply: Start
[May 24 14:33:53]ike_state_restart_packet: Start, restart packet SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1
[May 24 14:33:53]ike_st_i_sa_proposal: Start
[May 24 14:33:53]ike_st_i_cr: Start
[May 24 14:33:53]ike_st_i_cert: Start
[May 24 14:33:53]ike_st_i_private: Start
[May 24 14:33:53]ike_st_o_sa_values: Start
[May 24 14:33:53]ike_policy_reply_isakmp_vendor_ids: Start
[May 24 14:33:53]ike_st_o_private: Start
[May 24 14:33:53]ike_policy_reply_private_payload_out: Start
[May 24 14:33:53]ike_encode_packet: Start, SA = { 0xb76149a8 bb4f7250 - 647ce0e5 7e90125f } / 00000000, nego = -1
[May 24 14:33:53]ike_send_packet: Start, send SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500, routing table id = 0
[May 24 14:33:53]ikev2_packet_allocate: Allocated packet e0dc00 from freelist
[May 24 14:33:53]ike_sa_find: Found SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f }
[May 24 14:33:53]ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library
[May 24 14:33:53]ike_get_sa: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f } / 00000000, remote = 10.128.137.2:500
[May 24 14:33:53]ike_sa_find: Found SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f }
[May 24 14:33:53]ike_decode_packet: Start
[May 24 14:33:53]ike_decode_packet: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f} / 00000000, nego = -1
[May 24 14:33:53]ike_st_i_nonce: Start, nonce[0..48] = d34cca05 729d990b ...
[May 24 14:33:53]ike_st_i_ke: Ke[0..128] = a3b1ac42 37aeee0e ...
[May 24 14:33:53]ike_st_i_cr: Start
[May 24 14:33:53]ike_st_i_cert: Start
[May 24 14:33:53]ike_st_i_private: Start
[May 24 14:33:53]ike_st_o_ke: Start
[May 24 14:33:53]ike_st_o_nonce: Start
[May 24 14:33:53]ike_policy_reply_isakmp_nonce_data_len: Start
[May 24 14:33:53]IKED-PKID-IPC Failed to delete cert chain patricia node
[May 24 14:33:53]ikev2_fb_get_cas_kid_cb: CA lookup failed, error 'Crypto operation failed'
[May 24 14:33:53]ike_policy_reply_get_cas: Start
[May 24 14:33:53]ike_state_restart_packet: Start, restart packet SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1
[May 24 14:33:53]ike_st_o_private: Start
[May 24 14:33:53]ike_policy_reply_private_payload_out: Start
[May 24 14:33:53]ike_policy_reply_private_payload_out: Start
[May 24 14:33:53]ike_policy_reply_private_payload_out: Start
[May 24 14:33:53]ike_st_o_calc_skeyid: Calculating skeyid
[May 24 14:33:53]ike_encode_packet: Start, SA = { 0xb76149a8 bb4f7250 - 647ce0e5 7e90125f } / 00000000, nego = -1
[May 24 14:33:53]ike_send_packet: Start, send SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500, routing table id = 0
[May 24 14:33:53]ikev2_packet_allocate: Allocated packet e20000 from freelist
[May 24 14:33:53]ike_sa_find: Found SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f }
[May 24 14:33:53]ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library
[May 24 14:33:53]ike_get_sa: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f } / e8a5c6d8, remote = 10.128.137.2:500
[May 24 14:33:53]ike_sa_find: Found SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f }
[May 24 14:33:53]ike_alloc_negotiation: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}
[May 24 14:33:53]ike_decode_packet: Start
[May 24 14:33:53]ike_decode_packet: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f} / e8a5c6d8, nego = 0
[May 24 14:33:53]<none>:500 (Responder) <-> 10.128.137.2:500 { b76149a8 bb4f7250 - 647ce0e5 7e90125f [0] / 0xe8a5c6d8 } Info; Trying to decrypt, but no decryption context initialized
[May 24 14:33:53]<none>:500 (Responder) <-> 10.128.137.2:500 { b76149a8 bb4f7250 - 647ce0e5 7e90125f [0] / 0xe8a5c6d8 } Info; Error = No SA established (8194)
[May 24 14:33:53]ike_send_notify: Notification to informational exchange ignored
[May 24 14:33:53]ike_delete_negotiation: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = 0
[May 24 14:33:53]ike_free_negotiation_info: Start, nego = 0
[May 24 14:33:53]ike_free_negotiation: Start, nego = 0
[May 24 14:33:54]ikev2_packet_allocate: Allocated packet e20400 from freelist
[May 24 14:33:54]ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library
[May 24 14:33:54]ike_get_sa: Start, SA = { 4a5ec625 c426a0c8 - 00000000 00000000 } / 00000000, remote = 10.128.137.2:500
[May 24 14:33:54]ike_sa_allocate: Start, SA = { 4a5ec625 c426a0c8 - e5e208da 0210ad6b }
[May 24 14:33:54]ike_init_isakmp_sa: Start, remote = 10.128.137.2:500, initiator = 0
[May 24 14:33:54]ike_decode_packet: Start
[May 24 14:33:54]ike_decode_packet: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553} / 00000000, nego = -1
[May 24 14:33:54]ike_decode_payload_sa: Start
[May 24 14:33:54]ike_decode_payload_t: Start, # trans = 3
[May 24 14:33:54]ike_st_i_vid: VID[0..20] = 01528bbb c0069612 ...
[May 24 14:33:54]ike_st_i_vid: VID[0..20] = 1e2b5169 05991c7d ...
[May 24 14:33:54]ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ...
[May 24 14:33:54]ike_st_i_vid: VID[0..16] = 90cb8091 3ebb696e ...
[May 24 14:33:54]ike_st_i_vid: VID[0..16] = 4048b7d5 6ebce885 ...
[May 24 14:33:54]ike_st_i_vid: VID[0..16] = fb1de3cd f341b7ea ...
[May 24 14:33:54]ike_st_i_vid: VID[0..16] = 26244d38 eddb61b3 ...
[May 24 14:33:54]ike_st_i_vid: VID[0..16] = e3a5966a 76379fe7 ...
[May 24 14:33:54]ike_st_i_sa_proposal: Start
[May 24 14:33:54]iked_pm_dynamic_gw_local_addr_based_lookup: Found gateway matching local addr IKE_GW for remote dynamic peer, sa_cfg[IPSEC_VPN]
[May 24 14:33:54]ike_isakmp_sa_reply: Start
[May 24 14:33:54]ike_state_restart_packet: Start, restart packet SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1
[May 24 14:33:54]ike_st_i_sa_proposal: Start
[May 24 14:33:54]ike_st_i_cr: Start
[May 24 14:33:54]ike_st_i_cert: Start
[May 24 14:33:54]ike_st_i_private: Start
[May 24 14:33:54]ike_st_o_sa_values: Start
[May 24 14:33:54]ike_policy_reply_isakmp_vendor_ids: Start
[May 24 14:33:54]ike_st_o_private: Start
[May 24 14:33:54]ike_policy_reply_private_payload_out: Start
[May 24 14:33:54]ike_encode_packet: Start, SA = { 0x4a5ec625 c426a0c8 - ffd18544 6524a553 } / 00000000, nego = -1
[May 24 14:33:54]ike_send_packet: Start, send SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1, dst = 10.128.137.2:500, routing table id = 0
[May 24 14:33:54]ikev2_packet_allocate: Allocated packet e20800 from freelist
[May 24 14:33:54]ike_sa_find: Found SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 }
[May 24 14:33:54]ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library
[May 24 14:33:54]ike_get_sa: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 } / 00000000, remote = 10.128.137.2:500
[May 24 14:33:54]ike_sa_find: Found SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 }
[May 24 14:33:54]ike_decode_packet: Start
[May 24 14:33:54]ike_decode_packet: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553} / 00000000, nego = -1
[May 24 14:33:54]ike_st_i_nonce: Start, nonce[0..48] = 52daa00e c8bc3ef0 ...
[May 24 14:33:54]ike_st_i_ke: Ke[0..128] = b418102a e5a211d8 ...
[May 24 14:33:54]ike_st_i_cr: Start
[May 24 14:33:54]ike_st_i_cert: Start
[May 24 14:33:54]ike_st_i_private: Start
[May 24 14:33:54]ike_st_o_ke: Start
[May 24 14:33:54]ike_st_o_nonce: Start
[May 24 14:33:54]ike_policy_reply_isakmp_nonce_data_len: Start
[May 24 14:33:54]IKED-PKID-IPC Failed to delete cert chain patricia node
[May 24 14:33:54]ikev2_fb_get_cas_kid_cb: CA lookup failed, error 'Crypto operation failed'
[May 24 14:33:54]ike_policy_reply_get_cas: Start
[May 24 14:33:54]ike_state_restart_packet: Start, restart packet SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1
[May 24 14:33:54]ike_st_o_private: Start
[May 24 14:33:54]ike_policy_reply_private_payload_out: Start
[May 24 14:33:54]ike_policy_reply_private_payload_out: Start
[May 24 14:33:54]ike_policy_reply_private_payload_out: Start
[May 24 14:33:54]ike_st_o_calc_skeyid: Calculating skeyid
[May 24 14:33:54]ike_encode_packet: Start, SA = { 0x4a5ec625 c426a0c8 - ffd18544 6524a553 } / 00000000, nego = -1
[May 24 14:33:54]ike_send_packet: Start, send SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1, dst = 10.128.137.2:500, routing table id = 0
[May 24 14:33:54]ikev2_packet_allocate: Allocated packet e20c00 from freelist
[May 24 14:33:54]ike_sa_find: Found SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 }
[May 24 14:33:54]ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library
[May 24 14:33:54]ike_get_sa: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 } / cc53a520, remote = 10.128.137.2:500
[May 24 14:33:54]ike_sa_find: Found SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 }
[May 24 14:33:54]ike_alloc_negotiation: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}
[May 24 14:33:54]ike_decode_packet: Start
[May 24 14:33:54]ike_decode_packet: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553} / cc53a520, nego = 0
[May 24 14:33:54]<none>:500 (Responder) <-> 10.128.137.2:500 { 4a5ec625 c426a0c8 - ffd18544 6524a553 [0] / 0xcc53a520 } Info; Trying to decrypt, but no decryption context initialized
[May 24 14:33:54]<none>:500 (Responder) <-> 10.128.137.2:500 { 4a5ec625 c426a0c8 - ffd18544 6524a553 [0] / 0xcc53a520 } Info; Error = No SA established (8194)
[May 24 14:33:54]ike_send_notify: Notification to informational exchange ignored
[May 24 14:33:54]ike_delete_negotiation: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = 0
[May 24 14:33:54]ike_free_negotiation_info: Start, nego = 0
[May 24 14:33:54]ike_free_negotiation: Start, nego = 0
[May 24 14:34:03]ike_retransmit_callback: Start, retransmit SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1
[May 24 14:34:03]ike_send_packet: Start, retransmit previous packet SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500 routing table id = 0
[May 24 14:34:04]ike_retransmit_callback: Start, retransmit SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1
[May 24 14:34:04]ike_send_packet: Start, retransmit previous packet SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1, dst = 10.128.137.2:500 routing table id = 0
[May 24 14:34:13]ike_retransmit_callback: Start, retransmit SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1
[May 24 14:34:13]ike_send_packet: Start, retransmit previous packet SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500 routing table id = 0
[May 24 14:34:14]ike_retransmit_callback: Start, retransmit SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1
[May 24 14:34:14]ike_send_packet: Start, retransmit previous packet SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1, dst = 10.128.137.2:500 routing table id = 0
[May 24 14:34:23]P1 SA 4019557 timer expiry. ref cnt 2, timer reason Force delete timer expired (1), flags 0x300.
[May 24 14:34:23]iked_pm_ike_sa_delete_done_cb: For p1 sa index 4019557, ref cnt 2, status: Error ok
[May 24 14:34:23]ike_remove_callback: Start, delete SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1
[May 24 14:34:23]10.128.63.195:500 (Responder) <-> 10.128.137.2:500 { b76149a8 bb4f7250 - 647ce0e5 7e90125f [-1] / 0x00000000 } IP; Connection timed out or error, calling callback
[May 24 14:34:23]ike_delete_negotiation: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1
[May 24 14:34:23]ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table
[May 24 14:34:23]ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table
[May 24 14:34:23]ike_sa_delete: Start, SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f }
[May 24 14:34:23]ike_free_negotiation_isakmp: Start, nego = -1
[May 24 14:34:23]ike_free_negotiation: Start, nego = -1
[May 24 14:34:23]IKE SA delete called for p1 sa 4019557 (ref cnt 2) local:10.128.63.195, remote:10.128.137.2, IKEv1
[May 24 14:34:23]P1 SA 4019557 reference count is not zero (1). Delaying deletion of SA
[May 24 14:34:23]ike_free_sa: Start
[May 24 14:34:23]iked_pm_ike_sa_done: UNUSABLE p1_sa 4019557
[May 24 14:34:23] IKEv1 Error : Timeout
[May 24 14:34:23]iked_pm_p1_sa_destroy: p1 sa 4019557 (ref cnt 0), waiting_for_del 0xa332c0
[May 24 14:34:24]P1 SA 4019558 timer expiry. ref cnt 2, timer reason Force delete timer expired (1), flags 0x300.
[May 24 14:34:24]iked_pm_ike_sa_delete_done_cb: For p1 sa index 4019558, ref cnt 2, status: Error ok
[May 24 14:34:24]ike_remove_callback: Start, delete SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1
[May 24 14:34:24]10.128.63.195:500 (Responder) <-> 10.128.137.2:500 { 4a5ec625 c426a0c8 - ffd18544 6524a553 [-1] / 0x00000000 } IP; Connection timed out or error, calling callback
[May 24 14:34:24]ike_delete_negotiation: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553}, nego = -1
[May 24 14:34:24]ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table
[May 24 14:34:24]ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table
[May 24 14:34:24]ike_sa_delete: Start, SA = { 4a5ec625 c426a0c8 - ffd18544 6524a553 }
[May 24 14:34:24]ike_free_negotiation_isakmp: Start, nego = -1
[May 24 14:34:24]ike_free_negotiation: Start, nego = -1
[May 24 14:34:24]IKE SA delete called for p1 sa 4019558 (ref cnt 2) local:10.128.63.195, remote:10.128.137.2, IKEv1
[May 24 14:34:24]P1 SA 4019558 reference count is not zero (1). Delaying deletion of SA
[May 24 14:34:24]ike_free_sa: Start
[May 24 14:34:24]iked_pm_ike_sa_done: UNUSABLE p1_sa 4019558
[May 24 14:34:24] IKEv1 Error : Timeout
[May 24 14:34:24]iked_pm_p1_sa_destroy: p1 sa 4019558 (ref cnt 0), waiting_for_del 0xdf9f60

We are not using Juniper certs, but rather a certificate we signed ourselves. I have a similar cert on my desktops, signed by the same CA. I also configured NTP to make sure that the SRX and my WS point to the same NTP server. Below is my VPN config. Security policies are wide open (basically any/any allowed). My WS is Windows 10.

Please suggest if something is wrong with my config.

set security ike proposal IKE_PROP authentication-method rsa-signatures
set security ike proposal IKE_PROP dh-group group2
set security ike proposal IKE_PROP authentication-algorithm sha1
set security ike proposal IKE_PROP encryption-algorithm aes-128-cbc
set security ike proposal IKE_PROP lifetime-seconds 3600
set security ike policy IKE_POL mode main
set security ike policy IKE_POL proposals IKE_PROP
set security ike policy IKE_POL certificate local-certificate srx001
set security ike policy IKE_POL certificate peer-certificate-type x509-signature
set security ike gateway IKE_GW ike-policy IKE_POL
set security ike gateway IKE_GW dynamic distinguished-name wildcard C=CA
set security ike gateway IKE_GW local-identity inet 10.128.63.195
set security ike gateway IKE_GW external-interface fe-0/0/0.0
set security ike gateway IKE_GW version v1-only
set security ipsec proposal IPSEC_PROP protocol esp
set security ipsec proposal IPSEC_PROP authentication-algorithm hmac-sha1-96
set security ipsec proposal IPSEC_PROP encryption-algorithm aes-128-cbc
set security ipsec proposal IPSEC_PROP lifetime-seconds 3600
set security ipsec policy IPSEC_POL perfect-forward-secrecy keys group2
set security ipsec policy IPSEC_POL proposals IPSEC_PROP
set security ipsec vpn IPSEC_VPN bind-interface st0.0
set security ipsec vpn IPSEC_VPN ike gateway IKE_GW
set security ipsec vpn IPSEC_VPN ike ipsec-policy IPSEC_POL

Certificate details on SRX:

root@FOCFAS01> show security pki local-certificate
Certificate identifier: srx001
Issued to: focfas01, Issued by: C = CA, O = ABC Inc., CN = ABC Issuing CA SHA256
Validity:
Not before: 05-12-2017 21:38 UTC
Not after: 05-11-2022 21:38 UTC
Public key algorithm: rsaEncryption(2048 bits)
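The trace in the post shows the same sequence twice: the SRX, acting as main-mode responder for gateway IKE_GW, sends two messages to 10.128.137.2, logs "CA lookup failed" while preparing the second one, then cannot decrypt the next inbound packet ("No SA established"), retransmits, and the phase-1 SA times out. The following is an added example, not code from the post or from Juniper, that condenses a traceoptions capture into one summary per IKE SA so that pattern stands out. It keys on the IKE initiator cookie, charges cookie-less lines (such as the CA lookup failure) to the most recently seen SA, which is an assumption that holds for this trace but is only a heuristic, and maps a handful of message substrings seen in the post to short tags; that mapping is also an assumption, not an official Junos message catalogue. The embedded sample is excerpted from the post's own trace (one of the two attempts, routine "Start" lines omitted).

```python
import re
from collections import OrderedDict

# Excerpted from the traceoptions output in the post above: one SA attempt,
# with the routine "Start" lines left out.
SAMPLE_TRACE = """\
[May 24 14:33:53]ike_get_sa: Start, SA = { b76149a8 bb4f7250 - 00000000 00000000 } / 00000000, remote = 10.128.137.2:500
[May 24 14:33:53]ike_sa_allocate: Start, SA = { b76149a8 bb4f7250 - ba1ee5c3 23a0bb27 }
[May 24 14:33:53]iked_pm_dynamic_gw_local_addr_based_lookup: Found gateway matching local addr IKE_GW for remote dynamic peer, sa_cfg[IPSEC_VPN]
[May 24 14:33:53]ike_send_packet: Start, send SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500, routing table id = 0
[May 24 14:33:53]IKED-PKID-IPC Failed to delete cert chain patricia node
[May 24 14:33:53]ikev2_fb_get_cas_kid_cb: CA lookup failed, error 'Crypto operation failed'
[May 24 14:33:53]ike_st_o_calc_skeyid: Calculating skeyid
[May 24 14:33:53]ike_send_packet: Start, send SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500, routing table id = 0
[May 24 14:33:53]<none>:500 (Responder) <-> 10.128.137.2:500 { b76149a8 bb4f7250 - 647ce0e5 7e90125f [0] / 0xe8a5c6d8 } Info; Trying to decrypt, but no decryption context initialized
[May 24 14:33:53]<none>:500 (Responder) <-> 10.128.137.2:500 { b76149a8 bb4f7250 - 647ce0e5 7e90125f [0] / 0xe8a5c6d8 } Info; Error = No SA established (8194)
[May 24 14:34:03]ike_send_packet: Start, retransmit previous packet SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500 routing table id = 0
[May 24 14:34:13]ike_send_packet: Start, retransmit previous packet SA = { b76149a8 bb4f7250 - 647ce0e5 7e90125f}, nego = -1, dst = 10.128.137.2:500 routing table id = 0
[May 24 14:34:23]10.128.63.195:500 (Responder) <-> 10.128.137.2:500 { b76149a8 bb4f7250 - 647ce0e5 7e90125f [-1] / 0x00000000 } IP; Connection timed out or error, calling callback
[May 24 14:34:23] IKEv1 Error : Timeout
"""

# Timestamp prefix; the closing ']' is sometimes followed by a space.
TS_RE = re.compile(r"^\[(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d)\] ?(?P<msg>.*)$")
# IKE cookie pair "{ init_hi init_lo - resp_hi resp_lo" in each spelling the trace uses.
COOKIE_RE = re.compile(r"\{\s*(?:0x)?(?P<init>[0-9a-f]{8} [0-9a-f]{8}) - (?P<resp>[0-9a-f]{8} [0-9a-f]{8})")
PEER_RE = re.compile(r"(?:remote = |dst = |<-> )(?P<peer>\d{1,3}(?:\.\d{1,3}){3}:\d+)")
GW_RE = re.compile(r"Found gateway matching local addr (?P<gw>\S+) for remote dynamic peer, sa_cfg\[(?P<vpn>[^\]]+)\]")

# Message substring -> tag. Assumed mapping built from the strings in the post's trace.
INDICATORS = OrderedDict([
    ("Failed to delete cert chain", "cert-chain-error"),
    ("CA lookup failed", "ca-lookup-failed"),
    ("no decryption context initialized", "no-decryption-context"),
    ("No SA established", "no-sa-established"),
    ("retransmit previous packet", "retransmit"),
    ("Connection timed out", "peer-timeout"),
    ("IKEv1 Error : Timeout", "phase1-timeout"),
])


def new_sa(ts):
    return {"peer": None, "responder_cookie": None, "gateway": None, "vpn": None,
            "messages_sent": 0, "indicators": [], "first": ts, "last": ts}


def summarize(trace):
    """Return OrderedDict: initiator cookie -> summary of that phase-1 SA."""
    sas = OrderedDict()
    current = None  # cookie-less lines are charged to the last SA seen (heuristic)
    for raw in trace.splitlines():
        m = TS_RE.match(raw)
        if not m:
            continue
        ts, msg = m.group("ts"), m.group("msg")
        c = COOKIE_RE.search(msg)
        if c:
            current = c.group("init")
            sa = sas.setdefault(current, new_sa(ts))
            if c.group("resp") != "00000000 00000000":
                sa["responder_cookie"] = c.group("resp")
        if current is None:
            continue
        sa = sas[current]
        sa["last"] = ts
        p = PEER_RE.search(msg)
        if p and sa["peer"] is None:
            sa["peer"] = p.group("peer")
        g = GW_RE.search(msg)
        if g:
            sa["gateway"], sa["vpn"] = g.group("gw"), g.group("vpn")
        if msg.startswith("ike_send_packet: Start, send SA"):
            sa["messages_sent"] += 1  # fresh responder messages only; retransmits excluded
        for needle, tag in INDICATORS.items():
            if needle in msg:
                sa["indicators"].append((ts, tag))
    return sas


def distinct_tags(sa):
    """Indicator tags in order of first appearance."""
    seen = []
    for _, tag in sa["indicators"]:
        if tag not in seen:
            seen.append(tag)
    return seen


def retransmits(sa):
    return sum(1 for _, tag in sa["indicators"] if tag == "retransmit")


def report(sas):
    lines = []
    for cookie, sa in sas.items():
        lines.append(f"SA {cookie} peer={sa['peer']} gateway={sa['gateway']} vpn={sa['vpn']} "
                     f"{sa['first']}..{sa['last']} responder-msgs={sa['messages_sent']} "
                     f"retransmits={retransmits(sa)}")
        lines.append("  indicators: " + ", ".join(distinct_tags(sa)))
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(summarize(SAMPLE_TRACE)))
```

Run it on a full capture by replacing SAMPLE_TRACE with the file contents. Two things are worth reading off the summary: responder-msgs stays at 2 for every attempt, so the exchange never gets past the responder's key-exchange reply, and ca-lookup-failed is the only indicator that is not a consequence of the others (the undecryptable packet, the retransmits and the timeout all follow from phase 1 never completing), so that line is the one to chase first.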

