...
3- untrusted zone: ge-0/0/0 1.2.3.21/24
Basic Configuration for management in vSRX1:
set system host-name vsrx1set system services web-management http interface ge-0/0/2.0
#Add the IP@IMgt P@:
set interfaces ge-0/0/0 2 description "to unstrusted zonemanagement"
set interfaces ge-0/0/0 2 gigether-options no-auto-negotiation
set interfaces ge-0/0/0 2 unit 0 family inet address 1192.2168.370.21/24
#Create the management zone:
set security zones functional-zone management interfaces ge-0/0/2.0
set security zones functional-zone management host-inbound-traffic system-services all
set system services web-management http interface ge-0/0/2.0
#Add the IP@:
set interfaces ge-0/0/1 0 description "to trusted unstrusted zone"
set interfaces ge-0/0/1 0 gigether-options no-auto-negotiation
set interfaces ge-0/0/1 0 unit 0 family inet address 111.02.03.21/24
set interfaces ge-0/0/2 1 description "to managementtrusted zone"
set interfaces ge-0/0/2 1 gigether-options no-auto-negotiation
set interfaces ge-0/0/2 1 unit 0 family inet address 19211.1680.700.21/24
#Create the management zone:
set security zones functional-zone management interfaces ge-0/0/2.0
set security zones functional-zone management host-inbound-traffic system-services all
#Add the interface to the trusted zone:
set security zones security-zone trust interfaces ge-0/0/1.0
#Allow ping in the trust zone:
set security zones security-zone trust host-inbound-traffic system-services ping
...