You've got few ways to make it work:
1. if you use Control Centre - you just need to configure VIP and you will manage your box using VIP. MIP can be set to anything on the loopback as it will not be relevant in this case
2. assign MIP to anything in your local branch office LAN and access your box over VPN. This is recommended from security perspective, but if something goes wrong and your VPN server in branch office dies - you lose access
3. assign MIP to loopback and use a DNAT rule in forwarding firewall to redirect TCP 807 with destination DHCP IP to your loopback IP. AFAIR this rule should be already in your default ruleset. It is a good idea to restrict this rule to specific source IP (the one you will be connecting from) - this will act as a management ACL. Also, if you redirect only port 807 remember to enable "SPoE" feature in NGadmin settings.