Hey all, I am trying to establish a VPN tunnel between my router and various endpoint devices (mainly my two Android phones). My router has the built-in ability to spin up a WireGuard server, to which I can connect via the Android apps on my phone. I also know that ZeroTier is available as a package for the router.
My question is: which would you rather use? The issue is security; I'd prefer the method that is more secure. With the WireGuard server there is an option to allow access to the local network, which I would like to turn on, so that I can see some shared drives and other resources that are behind the router. Presumably this reduces the security of the tunnel? At least that's what I've been told - I don't know why this is the case though. With the ZeroTier package, there's no distinct option to expose LAN clients, but you can add managed routes to allow remote devices to access clients that are behind the router on which ZeroTier is installed.
So my question is, is there really a difference here in terms of security? What risks do I need to be aware of?