If anyone’s interested, I created a series about Wireguard which ended with port forwarding to achieve the same here.

Not saying using a VPN tunnel is better than a SSH tunnel, but knowing how to use DNAT and SNAT is pretty cool, especially since our internet routers do SNAT all the time. Maybe DNAT and SNAT could be considered a little more advanced than SSH remote port forwarding (again, not trying to judge).