Hi John,
yes , it is possible.
Management subnet needs to be advertised across the vpn tunnel.
SRX A has 2 subnets ( LANA and MANAGEMENT subnet )
SRXB -branch has one subnet (LANB)
Now if you have policy based vpn , you need to configure 2 security policies for each subnet.
On Hub SRXA
1. LANA to LAN of B
2. MANAGEMENT to LAN of B
OnBranchSRXB;
1, LAN B to LAN A
2. LAN B to Management
Now you will see 2 Ipsec sa for each subnet separately.
If it is route based , then you need to create 2 routes for each subnet on the branch if the proxy id is 0.0.0.0
On SRX A:
Route LANB next-hop ST0.X
On SRXB:
Route LANA next=hop ST0.1
Route Management next-hop st0.1
Regards
rparthi
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too