[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Problems Continue while trying to set up a TOR Private Relay



Roger

Thanks, you're always very helpful!  I'm on the road for a couple of days but I'll try the IP fixes when I get home later this week, first trying it with a blank and if that doesn't work I'll try entering the external IP manually.  FYI, I did uncheck the "automatically distribute my bridge address" as the people I'm supporting are in China.

Thanks again
Jim

On Tue, Jul 6, 2010 at 08:40, Roger Dingledine <arma@xxxxxxx> wrote:
On Mon, Jul 05, 2010 at 01:04:38PM -0700, Jim Julian wrote:
> Jul 05 12:01:48.158 [Notice] Tor has successfully opened a circuit. Looks
> like client functionality is working.
> Jul 05 12:01:48.159 [Notice] Bootstrapped 100%: Done.
> Jul 05 12:01:48.174 [Notice] Now checking whether ORPort 10.0.1.3:9001 and
> DirPort 10.0.1.3:9030 are reachable... (this may take up to 20 minutes --
> look for log messages indicating success)

This line means that Tor guessed your external IP address as 10.0.1.3.
That's not your external IP address -- if somebody else on the Internet
tries to go to that IP address, they won't make it to you.

You can read about RFC 1918 at
https://secure.wikimedia.org/wikipedia/en/wiki/Private_network

So the question is: what made Tor guess 10.0.1.3? My first thought is
that you typed that into the Address line in Vidalia. You should try
leaving that line blank. Then Tor will be willing to make better guesses
(by asking the other Tor relays that it connects to what address it's
connecting from).

> Jul 05 12:01:48.175 [Notice] No Tor server allows exit to [scrubbed]:9030.
> Rejecting.
> Jul 05 12:01:48.175 [Warning] Making tunnel to dirserver failed.

Ah ha. This one stymied me for a bit, but I have an answer here too.
Your Tor is trying to connect back to 10.0.1.3:9030, to see if it's
reachable. But every exit relay is refusing 10.* in their exit policy
(they don't want to let anybody connect to private services inside their
network), so your Tor can't even try it. This is normal, and the warning
should go away once your Tor starts guessing the correct external address.

And last, if you actually want this to be a private bridge (meaning you
have somebody in mind that you're going to give your bridge address to),
you should uncheck the "automatically distribute my bridge address"
checkbox on the Vidalia bridge setup page. If your Vidalia doesn't have
that checkbox, consider upgrading to a newer Vidalia bundle.

Hope that helps,
--Roger