endgateway.cc
Edge onlineSign inGet started
Minecraft tunnel router

Ship your world to the End in seconds.

Self-hosted control plane with mTLS-secured yamux tunnels, public TCP and UDP for vanilla and Simple Voice Chat. No port forwarding, no router config.

How it worksOpen a portal
Live edge example
One command, public TCP and UDP, no router setup
FRA · 50000–60000
~/endgateway
# start the agent on your host
$ endgateway up --world survival
tunnel established id=ad81…f02
tcp play.endgateway.cc:54213
udp voice.endgateway.cc:54213
# share with friends, no router setup
Ports10k50000–60000 reserved
TransportmTLSTLS 1.3 + yamux
EdgeFRACloudflare-fronted control
Built for vanilla and modded
TCP and UDP framed over a single yamux session
mTLS identity

Every agent is a TLS 1.3 client cert. CN is identity, no shared secrets, no token leaks.

TCP + UDP framed

Vanilla Minecraft and Simple Voice Chat share one yamux session with length-prefixed UDP, no PROXY-protocol breakage.

Host networking

10k ports bound directly on the edge node. No docker-proxy bottleneck, no userland NAT.

From localhost to public
Three steps, under a minute
  1. 1
    Issue an agent certSign in, claim a slug, download your mTLS bundle. One-shot.
  2. 2
    Run the agent next to your serverSingle Go binary. Dials the edge over yamux, advertises your TCP and UDP ports.
  3. 3
    Share the addressEdge allocates a sticky public port, returns a hostname your friends drop straight into Minecraft.
Account security baked in
Better Auth, passkeys, TOTP, Turnstile
Create account

Your tunnel is only as safe as the account that opens it. Passkeys are first-class, TOTP lives in the same flow, and Turnstile gates every credential attempt.