What is Reddit's opinion of
MikroTik RouterOS?
From 3.5 billion Reddit comments
➔ MikroTik RouterOS website
By popularity on Reddit, this Service is:
71 reviews of this app found across Reddit:
I have no idea why you are getting the down votes; I imagine it is from Cisco purist or someone that has never worked with the wonderful RouterOS and the hardware built around it. I do hope that others might take a look at this awesome networking equipment. Link to Router OS Info
*** Also - the equipment he is suggesting is also a Firewall.. ***
http://www.mikrotik.com/ is the manufacturer, http://routerboard.com/RBMetal5SHPn looks like the WiFi gear in question.
edit: adding MFG descriptor:
The new, completely waterproof, rugged, and super high powered RouterBOARD Metal. The serious outdoor wireless device!
Fully sealed, industrial design metal case, powered by RouterBOARD and RouterOS. 1300mW of output power - to reach the last mile, in any conditions! It comes with L4 license, so you can attach your favorite 5Ghz antennna to use it as an AP, to make wireless point-to-point links or as a CPE- whatever you prefer!
It has a built-in N-male connector, and pole attachment points, so you can attach it to an antenna directly, or use a standard antenna cable. LED signal indicators make it easy to install and align.
Package contains Metal-5SHPn, mounting loops, PoE injector, power adapter
My vote is for Mikrotik RouterBoards, probably an RB2011 series. i haven't used Ubiquiti EdgeRouters so I can't do a direct comparison, but the RouterBoards have very full features and great management tools (Web UI, Winbox client app, or commandline). You can play around with RouterOS (which is just a heavily customized Linux distro) by downloading & running in a VM (or probably even install it on x86 hardware, but I've never tried that).
Can also check out /r/mikrotik
If DIY then small PC and pfSense.
For complete solutions there is really good routers from MikroTik http://routerboard.com/products/group/17
edit: btw you can check out DEMO of MikroTik routerboard GUI: http://demo.mt.lv/webfig/ It's complicated but very capable.
They probably started out as Cisco clones to get off their feet, yes, but, at least if you trust Siemens, stopped doing any of that stuff 2005 latest, Siemens went to lengths making that clear when they pulled in Huawei as a strategical/technical partner for the networking parts of their own big infrastructure projects stuff. To top it off, by now Huawei is out-engineering Cisco.
Don't mistake them for a small fab churning out fake SD cards. They're serious business.
Also, if they fit your needs (that is, you're not building an IXP or such), consider Mikrotik.
As other guys have said, read everything you can. And set up a virtual lab, you can grab PacketTracer, create a small entwork out of a few virtual Mikrotiks or even use GNS. Try, fail, learn.
The Dude from Mikrotik. It lets you keep an eye on lot of things on the network, like switches, servers and printers.
It probably doesn't do anything at all that you can't with What's up Gold, Zabbix, Spiceworks, Nagios etc, but it is just so easy to use. You can easily scan a network and have a map created for you. It's easy to set up custom probes and functions, and customize graphics and labels. It has a real Windows client, in addition to a little limited Web interface.
It's free, but also out of development. Go for the version 4 something beta if you want to try it out. http://www.mikrotik.com
http://www.mikrotik.com/thedude
If its a small environment, a couple dozen routers & switches, and maybe a thousand users?
I'd just do it with SSH and CDP.
Larger than that? I'd look for a tool.
Have you tried MikroTik RouterOS? They are known for their Routerboard hardware, but they do release the Linux-based OS to run on x86 platforms. The only thing about it is that, well, while it may not be as daunting as IOS it's still very much a professional networking operating system, so it's not designed for someone with limited knowledge; and it's also not free. But on the flip side, buying a Level 4 or higher license you get initial support service for the first few weeks, and they also have a really good wiki.
Honestly though, you should really simplify your requirements or buy a dedicated box. And regardless of what the internet has told you dedicated hardware routers are not the devil, just cheap crappy consumer routers.
Not quite BSD but ill leave couple of links
http://vyos.net/wiki/Main_Page
http://www.mikrotik.com/software
Both run on x86 hardware and can perform "traffic management". Although at 10gig you will have a difficult time performing QOS type actions effectivley without custom ASICs
Might be worth asking /r/networking as there are some knowledgable folk hanging around over there
So these two tools can help you assemble a topology diagram:
http://www.solarwinds.com/network-topology-mapper.aspx
http://www.mikrotik.com/thedude
But your network monitoring solution should be telling you if there is a bottleneck.
If you do not have proper SNMP monitoring of all your gear, then THAT is your #1 priority.
Many commercial SNMP monitoring suites include topology discovery & mapping capabilities.
Have a peek at:
- Solarwinds NPM
- AKIPS
- Nagios
- OpenNMS is a popular OpenSource solution...
Once you have a topology diagram, you can leverage that data to discover the STP topology, and bend it to your will if its sub-optimal.
The topology diagram should also help you visualize design issues.
But, eventually you're going to need to log into a whole lot of devices and get to know them all individually.
I'm an admin of a medium-size WISP in Oklahoma :D
Try The Dude by Mikrotik. It's actually a very capable and visually-attractive NMS that can do all the simple stuff, like ping, but can also collect and graph SNMP stats. It's not limited in any way, and is completely free, although not open-source.
We use it to monitor several thousand devices.. It does a really good job.
It primarily runs under Windows, but can be run in Wine as well. It's also uses a client/server/agent model, so you can have several people logged into it at the same time.
The Dude is a good place to start, but it's not 100% accurate and can miss some stuff, but it should get you enough of an idea to at least get started. Once you've got a basic idea obviously the best and only truly accurate way to figure out your setup is with some hands on time with your network. Good luck!
Possible. Here is most of the raw text without any fancy reddit formats :)
We are releasing a test version of an exciting new feature - Cloud Hosted Router (CHR).
It is a Virtual Machine image of RouterOS that has full functionality of RouterOS without any kind of conventional RouterOS license, with the limitation of 1Mbit per interface, in future, we will offer unlimited speed with a paid license. This allows you to use RouterOS in training classes, for testing, for experimentation or any other purpose, without the need for 24h trial or Demo license. Simply no SoftID and no licenses.
We provide a generic (RAW) format IMG that you can convert to other formats with qemu or other tools. I have already pre-converted them for your convenience to VMDK (VMware virtual disk image) and VDI (VirtualBox disk image). Those are not installers, but ready disk images.
qemu commands for converting images
RAW to VMware:
Code: Select all qemu-img convert -f raw -O vmdk chr-6.31rc9.img chr-6.31rc9.vmdk
RAW to VirtualBox:
Code: Select all qemu-img convert -f raw -O vdi chr-6.31rc9.img chr-6.31rc9.vdi
See below for steps how to run this new system.
Downloads:
RAW: http://www.mikrotik.com/download/share/chr_6_31rc9.img VMDK: http://www.mikrotik.com/download/share/chr_6_31rc9.vmdk VDI: http://www.mikrotik.com/download/share/chr_6_31rc9.vdi
Normis and Co. (aka Mikrotik) has started working on an Android utility that gives you ability to configure your router more conveniently, while on the go.
You have to sign up to get "on the list" so I thought I would share it here.
Edit:
Normis added a non-google play download link for the utility to the forum post:
That is actually an impressive step forward. You would still have to run regular power to all your other things, like outlets, but once we have everything compatible with 802.3af protocol even plugging in our phone could be powered this way, with a switch replacing a circuit breaker. All things that require power would be connected to the internet.
There is software out there (The Dude is the one we use at our company) that let you see the status of all devices on your network overlain on a map of your property, and as more and more things connect to our networks new software will be written.
For renovation-type projects in the near future wireless is probably the way to go so new cable doesn't have to be run. Strain from the bulb's data transfer likely isn't a concern, so a hidden VLAN could be set up to create new local addresses, so that isn't a huge problem (unless your hardware was unable to handle it, but if you have that many IP lights you are better off rewiring your entire building, which for just lights isn't really worth it yet. Once we have more things that can take advantage of this type of system it will become more practical). Once the bulb's price drops to make the features worth it and other things become compatible with Ethernet replacing traditional wiring these will become big.
take a look at this http://www.zeroshell.net/eng/
and this one is interesting but it is not free http://www.mikrotik.com/
I would suggest zeroshell
it needs a lot of work but it is free and can be modified.
Mikrotik is an awesome OS based router you can install on physical hardware or virtualize. It also supports various formats of Netflow for your IPFIX packets you're looking to create. The software can load up in minutes in a VM environment and will give you 24 hrs of unrestricted use on a demo license.
http://wiki.mikrotik.com/wiki/Manual:TOC
You may find that just moves the problem to the WAP Ac, since it will have to do the same thing. If btest is the way you want to go about your testing, I'd download the windows client and do it from a PC behind the HEX. As others here have mentioned, the hex does do gigabit routing. http://www.mikrotik.com/download/btest.exe is the link for the btest windows client.
hAP lite has a different, smaller ROS package (SMIPS, size around 7 MB) than the other Mikrotik models (MIPSBE, size around 10 MB).
http://www.mikrotik.com/download
Direct link: http://download2.mikrotik.com/routeros/6.35.4/routeros-smips-6.35.4.npk
You should be able to upload this 7 MB file to your hAP lite in full (either via web GUI or Winbox Files menu or FTP) then just reboot the device.
Why not attending some training? There's quite a bit of documentation from passed training sessions around the net you can look for. Since they're cheap you can get one and play with it at home.
Look up Greg Sowell's tutorial, if I remember correctly he has some good videos posted on his site.
Check out http://www.mikrotik.com/training/ to see if you happen to live near one of the locations.
If you have a network full of them might as well learn the damn thing right?
Are you WISP that you have so many of them?
I use the Dude from Mikrotik you can set it up map your network to a map. It uses pings or probes to alert you if a machine/website goes down with a custome email or txt message. Logs the time a nic stops responding and outages and can show real time traffic TX RX via snap . Lets me know about a problem way before a user calls and complains. I have it running on a tiny VM less than a gig of ram one cpu and it has no problems. Couldn't live with out it. http://www.mikrotik.com/thedude
Not what you're asking about, but could help in your troubleshooting: The Dude from Mikrotik.
The reason I'm suggesting it is because it is a step up from having static Visio maps. There's obviously nothing wrong with doing it that way, but this gives you live feedback if something goes down, can show traffic going between devices, can be laid out (as in the screenshot on the site) to correspond to a geographical map, etc. I know it can poll the network for devices, but we've always added ours manually to our network map.
The Dude (not a joke) is free and will attempt to diagram your network. I have never had one come out right though. But it is free, and is like an SNMP-enabled Visio.
Not really sure what you are looking to track, but for simple up/down and other basics, I've been pretty happy with The Dude, which is available for the low low price of free.
They have some local support and organize for training to occur around the world pretty regularly
I haven't had much experience with them, I had a client who decided he was going to buy them and I had to get them working within his existing network - so I got stuck with the learning curve. but other than that they seemed pretty good.
I think the feel of them are 'good enough' for everything, but they don't quite make the quality of a solid Cisco or Juniper. I mean, you look at those companies and devices and know they're solid and have experience, backing and support to be what they are. They have a reputation etc.
Mikrotik on the other hand, are good, great for their price and feature set but have yet to have the same impact on me or anyone I know. Kind of like a 95% uptime and a 99.99% uptime.. not much but when you're going for that enterprise services with contracts and values that are worth the extra $$ in the racks..
I'm not sure about the UPS part, But for the router, Check this one RB951Ui-2HnD. I work with various models from mikrotik and never had a problem. Routerboards are pretty capable for they cost.
The Dude will work if your router supports SNMP, and it should. With it you can see traffic going over each of the LAN ports on the router. But, all of the wireless traffic will be grouped together. So you won't be able to tell who is being rude, just that someone is.
It is a pretty professional piece of software, so chances are you'll fumble around with it quite a bit. Here's two charts I set up to monitor traffic going in/out of my WAN, and in/out of my Wireless.
If you're interested I can write up a more detailed guide on this.
I would look into having a wireless ISP shoot service to you. Expect to have to put up a tower on your property. If you get your other neighbors to sign up too, you might even get a nice kick back for having the tower!
If you want to DIY check out http://www.ubnt.com units, or http://www.mikrotik.com/ which is very popular in the industry.
For directionally spanning long distances try something like a Wireless bridge.
Also it was mentioned by a co-worker to suggest Mikro Tik. They have the MikroTik RouterOS Linux based OS, and have many wireless products. Wikipedia gives a good generalized overview of them.
Right now I use an allocation from my upstream provider (another much larger WISP.) I'm hoping to be able to get my own /20 from ARIN soon, it's mostly funds limited right now. You only need 2 peers if you need smaller than a /20.
I'm currently working with a ipv6 allocation via tunnel from Hurricane Electric, which has worked out well for me. I'm only using it for testing currently since some of my CPEs I use for clients don't support or don't fully support it. I'll get a native ipv6 from ARIN eventually, I'm not even sure my upstream carrier can currently support it right now.
I use Mikrotik RouterOS on all of my routers at each towers, so I have full sniffing and monitoring at each tower if I need it. I run zenoss and the Dude for monitoring all of my equipment and access points. I don't monitor end-user equipment because it can be too flakey with people turning off surge suppressors, etc.
I'm a litertarian and run my ISP with my same ideology. I think of myself as a direct conduit between my customers and the public Internet, so I don't do any filtering or firewalling. I do have some minor QoS set up to reduce peer-to-peer traffic's priority below "normal" traffic, but not to limit it in any way. If you run an ISP without doing this, you'll basically end up with a DoS attack the first time a customer opens a peer-to-peer program.
Mikrotik. We're a local ISP and we use it in house for everything from a border router, our interior LAN and on wireless APs. Highly flexible, powerful, runs on any PC hardware, has both shell and web configuration, as well as a Windows application for remote config. There is nothing that Mikrotik can't handle -- we replaced Cisco equipment with it.
The only downside may be that it is commercial software, they have a full version, time-limited free trial, and I believe a demo version that's not full featured but not time limited. If you're just setting it up for home use it may not be right for you. OTOH, the licencing is pretty darn cheap.
TheDude! Seriously, check it out!: http://www.mikrotik.com/thedude.php
"The Dude network monitor is a new application by MikroTik which can dramatically improve the way you manage your network environment. It will automatically scan all devices within specified subnets, draw and layout a map of your networks, monitor services of your devices and alert you in case some service has problems."
I've been using it for years, it's brilliant, and free!
Confirming everyone's answer with an official one. I emailed Mikrotik before I purchased and deployed one outdoors and this is the response from the sales team:
"Thank you for your interest in our products!
Wireless Wire is weatherproof, it has IP rating of 55 and it can be mounted outside.
Please contact distributors of our products in your country (http://www.mikrotik.com/buy/) to get the quote.
Purchasing our products through local distributors will allow you to save some money on shipping and also have support during your business hours if you would need such.
As we ourselves are a manufacturer and wholesaler, all the assistance in particular projects, as well as regional sales, is provided through our distributors."
Bi-directional 1 Gb/s?
If you are fortunate to have bi-directional Gigabit Internet (or better than 1000/500 Mbps), you could test with the public btest server in forums using the Windows btest.exe tool ("both" directions in its settings).
You could test LAN bi-directionality with iperf --dual-test or btest with two devices/PCs passing through the router being tested.
Links of the equipment or how to set it up? Here is a link to the router http://www.mikrotik.com/
As far as setting it up goes, I don't have any links for that. It would just be creating all your interfaces and setting up mangle rules for policy based routing. I can help you with configuration later if you get the equipment, just DM me.
É um roteador profissional e ele exige que você saiba o que está fazendo. Com um bicho desses você pode montar um provedor inteiro de internet, vendendo planos com velocidades diferentes etc.
Se você por configurações erradas que pioram a performance ele não vai te impedir. Recomendo fazer os cursos dele. O mais básico chama-se MTCNA e existe no Brasil em EaD. Recomendo o da Entelco.com.br. Se você gostar da brincadeira, recomendo o MTCWE (especializado em wireless).
Well, that kinda works, but still prompts me for the password. (Not the ssh-keygen passphrase, because I didn't create one.)
$ ssh -l admin -i /home/ron/.ssh/id_dsa chef admin@chef's password:
MMM MMM KKK TTTTTTTTTTT KKK MMMM MMMM KKK TTTTTTTTTTT KKK MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK
MikroTik RouterOS 6.37.1 (c) 1999-2016 http://www.mikrotik.com/
If you want more than just a diagram The Dude allows you do diagram and monitor at the same time. Works best with SNMP devices but can still show up/down via ping, http, ssh and a bunch of other stuff.
I went with a Mikrotik and a few PoE access points after dealing with bugs with TP-link and Netgear.
They have a learning curve so I can't really recommend them to anyone whose idea of setup is just plugging in a box. But they do have a decent demo RouterOS
If the router supports SNMP you can have a computer in your house poll the router for interface statistics. This will give you a baseline for internet usage. Though messing with SNMP can be a headache and you'll pay about $50-200 a year in power. You can try using "Thedude" from mikrotik to monitor the router if it supports SNMP. http://www.mikrotik.com/thedude Its pretty simple to use and is free. Another option is to get a smart switch or fully managed switch and connect internet modem to the switch then connect the router to that switch and use the built in monitoring... Though if your going to buy another device you might as well buy a router that supports inbuilt traffic monitoring.
Have a look at MikroTik's equipment, there is a subreddit here for them at /r/mikrotik. They do some nice integrated WiFi Radio/Antenna units that can give you great range and performance compared to a USB card or the likes, they're not terribly expensive, and there are people who stock them in the UK.
There is a little bit of a learning curve to using them but the basic stuff like connecting to a hotspot is straight forward.
I'm not affiliated with them, but I do use 'em every day pretty much for an ISP and they're decent yokes...
I recommend you deploy via OVA. There is a URL on the forum which installs an RC build with many ESXi improvements.
It is in the CHR thread near the end. Then you can downgrade to 6.35.2. You want to build it from RC source.
They provide a variety of formats on their download page in VMDK, VHDX, VDI and Raw. I'm running the VMDK which is a vmware specific format. I could try the raw image and convert. Their wiki also mentions running on an ESXi server so I imagine it's doable.
Can confirm wireless antennas using 900 wireless band... more than likely with a mikrotik board and card behind panel. Hook up an old cordless phone near it and that link will not work!
edit: inserted website
You just need a PC onsite to install The Dude on. Yeah, it will take a little bit of SNMP setup in your switches, but it's easy to set up. After you map the network on it, it will graph the bandwidth usage of every device on the network. Plus it's also useful for seeing if things go down.
Oh, wow, yeah. Home routers are awful from a security perspective. I mean, really awful.
There's nothing great, but going with a mikrotik is better than pretty much anything mainstream: http://www.mikrotik.com/
Not the cheapest or best features, but far more secure.
I did that the first time, there are more lines, but the prompt is on the last line, I thought only the last line will count because when I match against login there are a couple of lines above it, and the router os version, I don't specifiy there that there's anything else above login.
Anyway, the whole sequance of logging in is:
[alex@samba scripts]$ telnet 192.168.255.100 Trying 192.168.255.100... Connected to 192.168.255.100. Escape character is '^]'.
MikroTik v5.25 Login: mktbk Password:
MMM MMM KKK TTTTTTTTTTT KKK MMMM MMMM KKK TTTTTTTTTTT KKK MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK
MikroTik RouterOS 5.25 (c) 1999-2013 http://www.mikrotik.com/
[mktbk@MMV] >
Thanks
We have used two solutions in the same setup you are talking about.
The Dude is a great free solution. Does SNMP for networks and WMI for Windows servers. Also allows you to make charts for just about anything. It is highly customizable as far as the probes you can implement. You can even access it via a web browser, without any other software. No maps through a browser, but it is handy for monitoring when you are in a pinch. One shortfall is that it is open source, so there is no support. We used version 4 and even tho it is in beta, it worked great, we never had any issues.
InterMapper is another great solution. All the same features and much more polished. It is pretty expensive, but the features and support are well worth it.
Toying around with this calculator http://www.mikrotik.com/test_link.php , two AWUS036NHV wifi dongles with a 9dBi antenna on the quad and a 30dBi TP-LINK TL-ANT5830B parabolic could reliably reach 100 miles. cool
I don't see why there would be a problem. I've seen other providers make custom cases without any logos for Mikrotik at all, and nothing has seemed to happen (for example, the Stationbox).
The only information I could find regarding custom equipment is on Mikrotik's "Made for Mikrotik" page. There's not a lot of info about rules, though :(
If you want an official response, try contacting their support. Alternatively, you could post in their forums to see if one of the Mikrotik guys might reply.
Ironically, there is a really great & free monitoring solution out there called 'The Dude'. Have been using it for years, and is extremely competitive/flexible feature wise.
Yes, Arby's sauce is pretty good. So is sriracha.
If you mean source.... then its just the main site. http://www.mikrotik.com/download click on mipsbe and you should see the package right there.
The Dude - http://www.mikrotik.com/thedude. I've found the 4.0 Beta 3 to work very well. Another option is PRTG - http://www.paessler.com if you want SNMP stats to go with it, freeware limited to 10 devices though.
Check out http://www.mikrotik.com/ I caught on to them via /r/networking Whatever router, make sure you buy one that supports open source firmware...
Google's built-in wifi is not nice at all. Your best bet is to disable the built-in wifi and get your own wireless access point. The Latvian company MikroTik makes fantastic routers that allow you to go beyond US regulatory limits for transmit power.
Yep, the Balsams is uniquely Latvian.
Last year I went on a excursion to Rundulas Palace and one of the stalls outside the palace had someone selling wooden cooking implements. I picked up some small cutting boards and a giant spoon. The cutting boards I picked up that day are the ones I use the most now.
If you're in the tech field could always stop in and visit the folks over at Zabbix SIA and pick up a sticker or two (be sure to tell them I sent you), or you could go and find MikroTik and see i they have some schwag, although my friends at Zabbix SIA tell me MikroTik is very quiet about who they are and what they do.
I would say go hit up one of the night clubs and leave with memories of a fun time, but last time I was there the clubs didn't have the same energy and vibe as the previous years.
Sigh... 5-6 more months until I get to go back. :-)
I completely neglected the firewall. I would likely choose a MikroTic. I've used them before and like them. They also aren't too expensive.
For backups I love ShadowProtect, but they will be a mix of Windows and Mac, along with possible some Linux users. Using SP for the Windows machines and then Time Machine for the Macs seems fine though. We'll worry about Linux if it comes along. The idea of taking backups rotating external drives sounds good.
This is very true. We can simply use the server hosting the files as the Own Cloud server too. I'll bring up hosted email as an option as well. There really isn't a need for a domain controller if we are only using the server for hosting files.
I actually work for an MSP and my friend is simply asking for some help. I was planning on bringing up the possibility of using us to build the foundation and possibly as a billable client.
Spiceworks is a great place to start for looking into the network. For monitoring your usage, I suggest "The Dude". Both of these are free, so they fit well into your budget. There is some config that will take time for you, but they will both give you what you are looking for.
I dont know of any decent way of automating weathermap without a hands on approach.
If you are open to other solutions, check out mikrotik's The Dude, this is mostly automated and is usually pretty good with different devices.
If you have a budget then Net Brain has all of the bells and whistles, it will even produce visio diagrams for you :)
you need to keep two things in mind, bandwidth and quota. not the same things.
any time you put a 's' on the end, you're talking throughput - the width of the 'band' you have, for data to go through. else, you're talking about an accumulation of data - the total amount of which you want to count.
essentially you're looking for some sort of firewall or device that will monitor the usage, run a script upon the meeting of X usage to change something in the switch or router.
while i'm not recommending it as such, something like the mikrotik OS does this, at the bottom of this page you'll they can have scripts running that measure the usage and when it exceeds a set amount, it changes the link throughput.
simply googling 'firewall usage quota' gets you a few ideas. but WRT is a free mod for some common routers you might have around; https://forum.openwrt.org/viewtopic.php?id=46144
You need to be able to set up useful notifications (with escalation support if possible), and being able to specify 'parents' is extremely helpful as well (so you don't get alerts for disk/memory etc when the host itself went completely down).
History/charts is a nice feature as well, it lets you go back in time and see how things were before a problem started.
I'm a big fan of TheDude because it lets you build custom probes etc, all via a Windows UI.
I'm assuming based on the diagram and included radius and management servers you're doing one of the follow:
hotspot / pppoe / 802.11x on wireless?
If so, I'd personally recommend running RouterOS rather than Pfsense (yes it's not free, but is still very cheap, incredibly feature rich and easy to pickup).
As someone that runs it daily in setups similar to this support up to 1500~ users per server, it works :-)
Just to toss this into the ring... Check out Microtik / Routerboard as well. Not as cheap as a WRT54G with DD-WRT or Tomato, but it is also a bit more powerful (BGP, OSPF, RIP, L2 tunnelling, etc).
We use these extensively for customers and are very pleased with the performance and functionality.
It's a trap! Sorry my copying didn't work. I went to 70.61.78.202 and it came up that it was a very basic (fake) site for Mikrotik routes etc. My no-script add-on showed no other scripts running on the page except for 70.61.78.202.
I do a google search for Mikrotik and the real site looks a lot different than the one above.
So long story short you are probably safe.
Alternatively a device running RouterOS (either one of their routerboard devices or an x86 computer running RouterOS) can do this quite cheaply using mangle rules.
Basic licence is around $45 or included with their hardware, does pretty much anything you could want for an office network.
Using MikroTik's TheDude myself (used to run Nagios), very easy to use, very powerful, free, I have it monitoring over 40 remote sites. The only thing I haven't figured out yet is how to do escalations, if possible at all.
Looking for another solution since I really want escalations.
Visio/OmniGraffle for manual diagrams when the automated mapping programs don't work (they never work).
You can give TheDude a try though. I've had the most success with that. However, don't expect anything pretty.
Spiceworks will also do it in an ugly fashion. SolarWinds will do it for over $1000 in software. But really, just do it yourself.
Look here for part of it.
I use HP ProCurve switches at most of my larger tower sites, and have a Mikrotik RouterBoard of varying size at each tower as well to handle everything. I have some older (read: cheap) Cisco layer 2 switches, but don't use them anymore because they're noisy with fans and prefer HP stuff. I refuse to pay the Cisco tax for the name and support contract just to get updates and security fixes for the devices. HP gives you free updates, and has lifetime warranties on their switches.
Besides myself, no, I haven't paid anyone else to configure any of my equipment. I've set up and managed very large networks (school district) before, so I'm quite comfortable doing it myself. I have paid a Mikrotik consultant before to help with some weird quirks recently though -- Ubiquiti bridged backhauls aren't true bridges, they won't pass multicast traffic, so OSPF isn't very happy.
That looks a lot like what we use but <strong>The Dude</strong> supports multiple operating systems (including Windows). Once an object is defined (e.g., a switch) and scanned via SNMP, a "ports" tab will appear on the object where you can label to your heart's content. Also, you can add gobs of text as well so we throw switch configs into the description (kind of a backup if you will).
EDIT: added content
If you like to tinker with devices, try out something new, etc. take a look at MikroTik hardware: http://www.mikrotik.com/
They are not much of a looker, but they do have a fast hardware, decent software and are packed with features. And they don't cost an arm and a leg :)