MikroTik

Hi gang. Is it possible to run 2 subnets on the same interface? I'd like to deny access to manage the router from the subscriber subnet while allowing access to a management subnet. Would I assign two IP addresses to the same interface? The subscriber subnet will be managed via DHCP. For example on interface fe2 I'd have:
192.168.1.1 (subscriber default gateway)
192.168.2.1 (management subnet)

I've tried this however when I assign myself an IP on the same subnet as the management IP address I can't log into the router or get out to the internet. If I get an IP address of 192.168.1.2 dynamically from the DHCP server I can access the router and internet. What I want is the ability to restrict my subscribers from getting access to manage the router while allowing IP's on the management subnet access. Thanks.

I don't think you can do this without using VLAN. You could set the DHCP to give your pc a static IP and in the firewall only allow your IP to connect to the management part of your router.

Yes you can run as many subnets on a given layer2 interface that you want to without any issue. However if you are running another layer2 service like hotspot then it becomes more tricky. Also doing two different subnets on the exact same layer2 interface is extreamly insecure and does nothing to slow down a potential attacker. Anyone running netcut or any other packet sniffer program will immediately be able to figure out your two subnets and change their computer accordingly.

The best solution around that is two separate routed interfaces. Either via VLANs and managed switches that support it, or a separate interface on the MikroTik along with separate hardware, which is likely not possible for you.