I suspect the issue has to do with your VPN interface ip addressing. These virtual tunnel interfaces should be setup as if they were a routed link pair instead of as independent /32 addresses.
st0.1(10.0.0.10/32) <--INTERNET--> st0.0(10.0.0.11/32)
should be
st0.1(10.0.0.10/31) <--INTERNET--> st0.0(10.0.0.11/31)