Just an FYI, the firewal configuration is depreciated and is configured per family. You may want to put this in place before later you find an update breaking things
set firewall family inet filter manager-ip term permit-ssh-ssl from source-address 10.100.1.0/24
set firewall family inet filter manager-ip term permit-ssh-ssl from protocol tcp
set firewall family inet filter manager-ip term permit-ssh-ssl from port ssh
set firewall family inet filter manager-ip term permit-ssh-ssl from port https
set firewall family inet filter manager-ip term permit-ssh-ssl then log
set firewall family inet filter manager-ip term permit-ssh-ssl then accept
set firewall family inet filter manager-ip term deny-ssh-ssl from protocol tcp
set firewall family inet filter manager-ip term deny-ssh-ssl from port ssh
set firewall family inet filter manager-ip term deny-ssh-ssl from port https
set firewall family inet filter manager-ip term deny-ssh-ssl then log
set firewall family inet filter manager-ip term deny-ssh-ssl then discard
set firewall family inet filter manager-ip term else-accept then accept