This feature is only available in self-hosted Pangolin instances. If you’re using Pangolin Cloud, you will need a Managed Self-hosted Node.
Pangolin supports raw TCP and UDP traffic because Newt can pass anything through the tunnel. In Pangolin Community Edition, ensure you have the flag enabled in the config file: 
flags:
  allow_raw_resources: true
These resources can either be:
  1. Publically Proxied: Map the resource to a port on the host Pangolin server, so you can access the resource from <server-public-ip>:<mapped-port>. This is useful if you want to access the resource over the public internet, such as exposing a game server like Minecraft.
  2. Internal Exposure: Map services accessible on the same network as the site to an internal port on the site address. This is useful if you only want internal exposure to a resource when connected with a client.

Proxied Resources

Proxied resources require extra configuration to expose on the Pangolin server. You’ll need to configure firewall rules, Docker port mappings, and Traefik entry points. These steps require a server restart.
1

Create the resource

In the Pangolin dashboard, go to Resources and click Add Resource. Select “Raw TCP/UDP resource”, enable Public Proxy, and enter your desired publicly mapped port. This is the port you’ll use to access the proxied resource.
2

Configure firewall

Open your desired ports on your VPS firewall, just like you did for ports 51820, 443, and 80. This is highly OS and VPS dependent.
In this example, we’re exposing two resources: TCP 1602 and UDP 1704.
3

Configure Docker

Add port mappings to your docker-compose.yml file:
docker-compose.yml
gerbil:
  ports:
    # ... existing ports ...
    - 1704:1704/udp # ADDED: Your UDP port
    - 1602:1602 # ADDED: Your TCP port
4

Configure Traefik

Add entry points to your config/traefik/traefik_config.yml:
traefik_config.yml
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
    http:
      tls:
        certResolver: letsencrypt
    transport:
      respondingTimeouts:
        readTimeout: 30m
  tcp-1602:
    address: ":1602/tcp"
  udp-1704:
    address: ":1704/udp"
Important: Always name your entry points in the format protocol-port (e.g., tcp-1602, udp-1704). This naming is required for Pangolin’s dynamic configuration.
5

Restart the stack

Restart your Docker stack to apply all changes:
sudo docker compose down
sudo docker compose up -d
In this example, we expose port 1602 for TCP and port 1704 for UDP. You can use any available ports on your VPS.