WireGuard is fine, but since it's only UDP, it doesn't work well if you're connecting behind a restrictive firewall or from a network using CGNAT (many of them).
If you're a reluctant sysadmin that doesn't care, I'd recommend using Tailscale. It's wireguard without the drama, is extremely competent at piercing through almost any firewall [0], and has a great ACL system that lets you fine tune which accounts can access what.
If you're a reluctant sysadmin that doesn't care, I'd recommend using Tailscale. It's wireguard without the drama, is extremely competent at piercing through almost any firewall [0], and has a great ACL system that lets you fine tune which accounts can access what.
It's also free (for now)!
[0] https://tailscale.com/blog/how-nat-traversal-works/