I would like to configure:
1 vlan with inet, this is either gone be use as a for nat or bridged to another interface.
1 vlan with a management IP. This net should not be accessible from any other net on the router.
Is it possible to not add the “management” vlan/ip to the standard routing table that’s created when adding interface/ip.
I know I can do it with firewall rules, but would like to separate them. I also need some routing to other internal subnet for management and monitor system.
I tried using “Mikrotik policy routing implementation example” http://blog.butchevans.com/2008/09/mikrotik-policy-routing-implementation-example/
But the management ip is still accessible from other interface, but it didn’t route to the other subnet on that net.