> OK. I agree that this is an issue if the hotspot is there, but I would be
> concerned about putting servers on that leg, essentially for the same
> reason I wouldn't want the hotspot on the LAN. I think the new NIC is the
> best solution.
Agreed. This is what I will do. Since I will need telnet capabilities
(among other services) to the server, there is no point opening that up to
my wifi clients as well.
> I also see how not being able to ping things there would be an issue.
> Perhaps rather than only blocking certainly ports, a better choice would
> be the ability to allow specific ports/protocols, which you would define
> as whatever your choice for diagnostics would be
Good idea! Punching a hole through the portal for it to not listen on
certain ports while it listens on everything else in a great idea.