Hi Spuluka,
So, I would need something like the following:
set security policies from-zone Customer-Network to-zone radius-server policy test match source-address <VPN Address Range>
set security policies from-zone Customer-Network to-zone radius-server policy test match destination-address <radius server>
set security policies from-zone Customer-Network to-zone radius-server policy test match application junos-ssh
set security policies from-zone Customer-Network to-zone radius-server policy tesy then permit
set security policies from-zone Customer-Network to-zone radius-server policy test1 match source-address any
set security policies from-zone Customer-Network to-zone radius-server policy test1 match destination-address <radius server>
set security policies from-zone Customer-Network to-zone radius-server policy test1 match application junos-ssh
set security policies from-zone Customer-Network to-zone radius-server policy test1 then deny
set security policies from-zone Customer-Network to-zone radius-server policy test2 match source-address any
set security policies from-zone Customer-Network to-zone radius-server policy test2 match destination-address <radius-server>
set security policies from-zoneCustomer-Network to-zone radius-server policy test2 match application <applications>
set security policies from-zone Customer-Network to-zone radius-server policy test2 then permit
Is this right?