We are trying to help an external company who wish to publish their Juniper Firewall for remote management. We can ping the external address quite happily, however we cannot connect to the web ui over http. On the untrusted interface under management services / other services, ping and web ui are ticked. If we untick the ping we can see that external pings do drop off, so this works. I have confirmed with the ISP that there is nothing their end that would block the connection.
Thanks for your help.