I wise decision I think. I too keep my Terminal Services port locked down. If I need to use it remotely I ssh into my Linux box and punch a hole in the firewall for the specific address I am using at the time (I never remember to remove them though, so there are dozens of port 3389 rules hanging around ).
_________________________
Remind me to change my signature to something more interesting someday