For less technical people or just don’t want to deal with public-facing open port: Tailscale or Zerotier are both great option (use Tailscale if former)!
Since Wireguard uses UDP and peers only reply to a received packet if it’s expected and valid, it won’t show up in port scans and barely increases your attack surface.
Tailscale and Zerotier are quite nice, but personally I dislike NAT-punching protocols.
For less technical people or just don’t want to deal with public-facing open port: Tailscale or Zerotier are both great option (use Tailscale if former)!
Since Wireguard uses UDP and peers only reply to a received packet if it’s expected and valid, it won’t show up in port scans and barely increases your attack surface. Tailscale and Zerotier are quite nice, but personally I dislike NAT-punching protocols.