Thanks for the comment. I did not but seriously considering it. My rationale is that I have a very successful site-to-site VPN between both MX100 (in hub mode) so I rejected having two VPNs, one for each MX100 site.
Let me know if you think this could be a problem. Thanks again!