Hi,

I have a mikrotik 951G-2HnD
I have congigured it from blanc.
ether 1 is for WAN connection and has a DHCP client confgured for the interface.
On Ether2 There are several VLANS and on each VLAN is a DHCP-server enabled.
It works great.
Now I want ether 5 for management.
The ether1 wan and Ether 2 are both untrust networks.
Ether 5 I want to connect to the corporate network on de management vlan.
I want to manage the mikrotik through this interface
But Ether1 and all VLANS on ether 2 must be not able to connect to the management netwerk. So it must be surely separated.

How can I do this?

Draw a diagram as its not clear.
By the way, since you are using vlans, that is your L2 separation between users.
On top of that you may need firewall rules to keep vlans from seeing each other.

Hence, I do not understand about untrusted ports as the security is already provided via vlans.