Make sure you allow any other protocols needed. When you apply a firewall filter to the loopback interface you are filtering traffic going to the routing engine. The default action of every firewall filter is DISCARD, so any other protocol, (for instance OSPF, SNMP, or BGP) needed by your router to exhange information with other routers, or for management will be discarded. What you can do is add a couple of more terms to the filter recommeded by Nellikka.
### Term MGMT1 accepts SSH, or HTTPS only from source-address 215.195.64.0/22
set firewall family inet filter RE-PROTECT term MGMT1 from source-address 215.195.64.0/22
set firewall family inet filter RE-PROTECT term MGMT1 from protocol tcp
set firewall family inet filter RE-PROTECT term MGMT1 from port ssh ## this matches both src. and dest. port number
set firewall family inet filter RE-PROTECT term MGMT1 from port https
set firewall family inet filter RE-PROTECT term MGMT1 then accept
### Term MGMT2 rejects SSH, or HTTPS from any other source address.
set firewall family inet filter RE-PROTECT term MGMT2 from protocol tcp
set firewall family inet filter RE-PROTECT term MGMT2 from port ssh
set firewall family inet filter RE-PROTECT term MGMT2 from port https
set firewall family inet filter RE-PROTECT term MGMT2 then reject
### Term MGMT3 accepts everything else (OSPG, BGP, SNMP, or any other protocols needed by your router)
set firewall family inet filter RE-PROTECT term MGMT3 then accept
You can also add more terms as needed, to permit only the traffic required by your router, from trusted devices. Maybe a term for BGP that only allows some addresses. Maybe another term for SNMP, and so on.