Another choice is to setup a different port on the inbound PC and use that instead. Use something other than 3389. Punch that hole through the router and make sure the PC is configured to answer on it. I believe dd-wrt will also handle doing this within the router. As in, open port X and have it internally redirected to port Y.
Yes, it's a security risk. But so is any inbound service. Make sure you configure the PC to refuse anything other than a secured connection (not plain or unencrypted). No sense having a wireless connection get sniffed. Then watch your event log for failed login attempts and manage accordingly.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.