In the following setup:
external ------[SRX]------ internal
You will see Forbidden-403 error if logging in to internal interface from
external network, if you have web management enabled on internal interface only.
So in your case you should add tunnel interface (st0.unit) to the list of management interfaces
(ge-0/0/0, vlan.0). Then web management should work with interface list (its better to
use list if you do not want web management on internet-facing interface).
Regarding terminal type, I don't know how to set this command permanently, but
for many terminal programs (putty, securecrt) it is not needed, all keys are working
fine right away. I've seen this command command needed only for native Windows
telnet client.