I also post a similar topic just now.
I agreed that this should be a basic feature, for limiting access to management as protection.
A simple approach is just to allow to define an ACL in the “Allowed LAN Networks” section, even with only one LAN segment defined.