Registering for the wiki and voting seems like something disabled right now (there's only Log In, no create account, or signup link at the login page) so I'm just going to post the features I would really really like here;
[*] Automatic mapping of DHCP client hostnames into the DNS server, such that if my system jumps in and says it's "dave", I can resolve "dave" and "dave.mydomain.com" immediately saving having to create static entries for every box on the network. In a hardware/software development environment where we do a lot of system testing and integration (usually remote console over SSH or file transfers) it's a pain to look for IP addresses when we know the hostname the system will give out, and a royal pain to add a static entry to every system we want to run and test, both in DNS and DHCP to lock it down for testing. Removal of the entry on DHCP release also means we would immediately know (no resolution) if the system got turned off (actually very useful for VMs, too, since we do a lot of development inside VMWare on our desktop systems, to produce software for the target hardware). This actually happens automatically on much crappier "router" software such as present on most home modems, or DD-WRT or Tomato, which makes it all the more painful not to have (since nearly everyone in the office gets the feature at home for free)
[*] Wizards for setting up various VPN types, especially things like servers for IPSec "Road Warrior" configurations which are nefarious and difficult to get right when the settings are spread across many, many sections of the configuration tree (/ip ipsec, /interface *-server, /ppp)
[*] Already in the Wiki but I'll vote for it here; certificate generation on the router
[*] Web Proxy: ability to rewrite web addresses to match other web addresses (therefore, for instance, if I go to ftp.*.debian.org over HTTP, it rewrites it to use our proxy or points it at some fast local mirror, or even redirects the ftp.uk.debian.org mirror to the ftp.us.debian.org mirror, without playing with DNS (essentially because if we all end up going to a different mirrored site, we get the same files cached multiple times)
[*] Web Proxy: pass through caching to some other system for certain domains, or paths, such that the router will use the "parent proxy" for that task and just act as a gobetween. You might have guessed we fetch a lot of Linux distribution packages in the office, but we can't set every client to use a local mirror (since they're shipped to customers and need the public repo addresses.. no preset proxies or "office internal" data can be applied to these systems)
[*] Web Proxy: don't commit to SD card so much! On our RB1100AH we can see the effects of the Linux caches being flushed to SD card doing transfers which should be at ~gigabit speeds from memory to the client, basically run up to a few megabytes and then the speed drops to SD card speed (and then goes up and then goes down again). This is especially evident on sites like SpeedTest.net which transfer files over HTTP via Flash to do bandwidth testing - 400mbit/s to 3mbit/s to 40mbit/s to 1gbit/s to 10mbit/s and then a steady rate which is far, far below the actual connection speed for the final stretch. Our connection is much faster than our SD card which we would have hoped would just be used for backing store of files fetched every couple days and therefore not soaking up RAM, but it seems to pull from it rather a large amount. It also, weirdly, alters the ping values (I guess Flash can't send an ICMP packet so it's guessing over an HTTP connection) from ~10ms to 200ms and also SEEMS to do the same for a real ICMP ping via PingTest.net (which is Java and are real ICMP..) when enabled as a transparent proxy via srcnat. Since we can't know the server SpeedTest.net will use at any one time, we can't override it (nor can we "bypass" the proxy in any way anyway, only "accept" or "deny" proxying)
[*] Probably my favorite: DHCP option support that doesn't get set in EVERY DHCP packet going out. We should be able to add options for every static lease entry that do not affect others, for example if I am provisioning many types of IP Phones or other similar systems, some support option 66 and require a full firmware path, others just the location of the directory and will seek their correct firmware path. The only alternative right now is to create a special new DHCP server and lease pool for each set, right? This annoys me because I'm looking at 30 pools to configure, 27 of them containing only a single lease. Every other DHCP server I've used lets me customize options per lease or per MAC address and not per-pool.
[*] Ability to backup and restore config to/from a TFTP server as many IP phones (and Cisco routers..) do.