Hi Alex,
Here is an update for everyone really with the configuration.
Firstly, as Alex pointed out, configure an LT from your entry VR to an end LT that exists only in a zone:
set interfaces lt-0/0/0 unit 20 description to-snmp-default
set interfaces lt-0/0/0 unit 20 encapsulation ethernet
set interfaces lt-0/0/0 unit 20 peer-unit 21
set interfaces lt-0/0/0 unit 20 family inet address x.x.x.x/30
set interfaces lt-0/0/0 unit 21 description to-snmp-customer
set interfaces lt-0/0/0 unit 21 encapsulation ethernet
set interfaces lt-0/0/0 unit 21 peer-unit 20
set interfaces lt-0/0/0 unit 21 family inet address x.x.x.x/30
So, place one of these LT interfaces into the SRX entry VR and the security zone(this is the VR that your SNMP server will access the SRX for polling). In my case "Customer-VR".
set routing-instances Customer-VR interface lt-0/0/0.20
set security zones security-zone Customer-Network
Now, create a new zone for the peer LT interface:
set security zones security-zone snmp-test-lt host-inbound-traffic system-services all
set security zones security-zone snmp-test-lt host-inbound-traffic protocols all
set security zones security-zone snmp-test-lt interfaces lt-0/0/0.21
Create an intra-zone policy for this new zone. I just made an any any any permit. It's protected from external anyway.
Now all that is needed is the routing in place.... use the address of the SNMP server and use the LT-0/0/0.20 interface addrerss as the next-hop..... for example:
set routing-options static route 10.10.10.1/32 next-hop 192.168.10.1
10.10.10.1 = SNMP Server
192.168.10.1 = lt-0/0/0.20 address
Just make sure any other firewalls and systems in between have the routes and accessability in place.
I have configured the above and can now access all the default OIDs.
Thank you for your help Alex. Much appreciated