Yes, though if the device is configured correctly and the users/permissions are created wisely it is relatively improbable that "someone messes up the configuration" accidentally.
Of course "someone" must keep admin level access, the assumption is that he/she won't do damages/misconfigurations.
Within limits (look for threads by people that self-locked out of the router, not so uncommon when playing with the settings) Winbox can connect via MAC even when there is no IP or DHCP server working.
The (IMHO) correct/safest approach is however to reserve an interface with static IP address for (remote) management, out of the bridge or anything else.
Sure if the router fails on booting or similar the whole remote stuff becomes m00t, but in these cases even direct serial access would give little advantages, if any, in theory only when the routerboot part works (and it can give control to serial) and the rest of the OS hangs later in the booting process, it can happen but I believe it is a rare enough occasion.
Of course "someone" must keep admin level access, the assumption is that he/she won't do damages/misconfigurations.
Within limits (look for threads by people that self-locked out of the router, not so uncommon when playing with the settings) Winbox can connect via MAC even when there is no IP or DHCP server working.
The (IMHO) correct/safest approach is however to reserve an interface with static IP address for (remote) management, out of the bridge or anything else.
Sure if the router fails on booting or similar the whole remote stuff becomes m00t, but in these cases even direct serial access would give little advantages, if any, in theory only when the routerboot part works (and it can give control to serial) and the rest of the OS hangs later in the booting process, it can happen but I believe it is a rare enough occasion.
Statistics: Posted by jaclaz — Wed Feb 21, 2024 6:20 pm