atomicangelYou installed a Unifi DMP right?
Why not use WireGuard in the Unifi itself so it’s one VPN connection that you can turn on/off at will to link to the whole network there?
I do this in my setup to my home lab remotely, and the only headache is if the public IP changes or if I was behind a CGNAT, which is something Tailscale can handle to my understanding.
If you are behind a CGNAT another option is doing the inverse: have the WireGuard in the datacenter reach to a WireGuard box you have on the outside. That’s how I handled my VPS connection in that I had the VPS just always online and my pFsense router at the time made the connection back to the VPS, which allowed me to move my router from physical site to physical site without any interruption aside from the literal downtime in moving it.