> For the complete documentation index, see [llms.txt](https://docs.tcpshield.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.tcpshield.com/vxlan/sentry-tunnel-for-rathena-ragnarok.md). # Sentry Tunnel for rAthena/Ragnarok This guide explains how to create and configure a Sentry/VXLAN tunnel, using a Ragnarok Online server as an example (rAthena emulator running on `108.61.149.182:6900`). ## 1. Setup Follow the Sentry Tunnel General Setup guide [here](https://docs.tcpshield.com/vxlan/sentry-tunnel-general-setup#id-1.-tunnel-creation). ## 2. Whitelist VXLAN and Backend Ports Your VPS/Dedicated server might have a firewall which is blocking outside connections by default (or a [Security Group](https://docs.tcpshield.com/vxlan/pages/631Mayag431M2l0f1dAD#id-1.2-firewall) put in place by your Cloud Provider). In this case, it's important to make sure your server port and the VXLAN's port are both accepting connections. This can be achieved by using `UFW` or `iptables`. #### Using UFW ``` ufw allow /udp ufw allow /tcp ``` Then verify the status by running: ``` ufw status ``` #### Using iptables ``` iptables -A INPUT -p udp --dport -j ACCEPT iptables -A INPUT -p tcp --dport -j ACCEPT iptables -A OUTPUT -p tcp --sport -j ACCEPT iptables -A OUTPUT -p udp --sport -j ACCEPT ``` Then verify your configuration by running: ``` iptables-save ``` ## 3. Execution Now you just need to run the provided script, once completed: * Your server will now be reachable via the assigned public IP (e.g., 104.234.6.128). * The server latency depends on the Anycast region and distance from your users. You can verify that the tunnel was created by running: ``` ip -s link show vxlan_ ``` Originally I have the Ragnarok server running on: `108.61.149.182:6900` After running the setup script, the players can now connect using: `104.234.6.128:6900`

As you can see, only the IP changes — the service port remains the same. Only the address needs to be updated.

And that's it, your Sentry tunnel is now fully operational. Congratulations! You can now run your server with confidence, knowing that it's protected by TCPShield. If you encounter any issues during setup or operation, please refer to our [Debugging Guide](/vxlan/common-issues-and-debugging.md) for troubleshooting tips and common pitfalls. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.tcpshield.com/vxlan/sentry-tunnel-for-rathena-ragnarok.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.