Being someone who love playing around with Cisco kit I decided to annoy my wife and remove the standard cheap basic router from my ISP and go full enterprise at home!
The diagram below shows the topology of my setup, the broadband line uses a Fibre Line VDSL Broadband Fibre Connection. The main ISP router is a Cisco 887VA-M which has the firewall completely locked down with only ports 443 open for SSL VPN connection into my network. I gave the local interfaces an IP from the subnet of 192.168.2.X /30. This allows two IP addresses which can be used to connect the core ISP Cisco router to my Cisco ASA Firewall, which protects in the internal network.
The local LAN runs on a different subnet, 192.168.1.X /24, which uses DHCP reserved addresses. I allocate specific IP addresses and lock down the network with firewall rules on the Cisco ASA.
The local wireless access point is a Cisco AP541N-E which uses WPA2 PSK along with MAC Address filtering to further lock down who can access the network via MAC Addresses.
If you wanted to know how the network was configured please get in touch and I can always send you snippets of the configs.