But it worked in the DMZ...?

Hey Everyone,

Thank you in advance for any help you provide; it is deeply appreciated. I don’t use Tor that much but it is extremely important in my humble opinion.

Anyhow, I recently got a middle relay up in Ubuntu, and it kept reporting this error.

[WARN] Your server (xx.xx.xx.xxx:443) has not managed to confirm that its ORPort is reachable. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.

There is nothing in my /etc/hosts file…I don’t know if that is a problem or not, I also checked if the ports were listening where they should be and they were. In my mind the firewall was probably the issue.

So to confirm that it was a firewall issue I threw the machine on a router with a DMZ. The relay immediately worked like a charm, no errors, traffic flow, 3 flags (Running, V2Dir and Valid) and found the relay on Relay Search.

I then placed the machine back into a different router/controller that is more easily configurable (Ubiquiti Dream Machine Pro). Since that swap the relay was last seen early this morning but was considered down when I put it behind the Dream Machine.

There is a lot of great advice online, but how much of it is outdated? Putting my ORPort on 443 seems like the smart move, which I found online and implemented. My understanding of placing anything on a DMZ is that the machine is one Shodan search away from being hacked. I don’t know what the next step is at this point. I have configured this router through the nose to allow traffic. I am missing something.

Anyhow my /etc/tor/torrc info is as follows. Based on a post I read in here earlier today I need to make adjustments there as well.

OLD

Nickname *******
ContactInfo *******
ORPort 443
DirPort 9032
ExitRelay 0
SocksPort 0

ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1

NEW

ControlSocket /run/tor/control
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFile /run/tor/control.authcookie
CookieAuthFileGroupReadable 1

SOCKSPort 0

Log notice file /var/log/tor/notices.log

DataDirectory /var/lib/tor

ORPort Port_Number

Address Domain_name or IPAddress

Nickname Your_Nickname

ContactInfo Nickname <your_email_address>

ExitRelay 0

EntryStatistics 1
ConnDirectionStatistics 1

Again, thank you for your assistance.

I DID IT!

For one reason or another the router was not performing port forwarding properly. Once I placed the relay on a different router and port forwarded again, it’s back to its old self.

Sometimes you just gotta speak these things out.
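
Added example (not part of the original posts, and not Tor project code): a small Python check that reads a torrc like the OLD one above and separates the listeners that need a port-forward (ORPort, DirPort) from the ones that should stay off the WAN (ControlPort, SocksPort), which is the difference between a targeted forward and a full DMZ. It also reports the latest ORPort self-test outcome from a notice log. The nickname, IP address, timestamps, log lines and function names are constructed for illustration, and it assumes plain port values without torrc port flags.

```python
# Added example: which torrc listeners to port-forward, plus self-test log status.
OLD_TORRC = """\
Nickname ExampleRelay
ORPort 443
DirPort 9032
ExitRelay 0
SocksPort 0
ControlPort 9051
"""  # the post's OLD torrc, with a constructed nickname

# Constructed log lines; exact wording varies between Tor versions (assumption).
SAMPLE_LOG = """\
Jan 01 10:00:00.000 [warn] Your server (203.0.113.10:443) has not managed to confirm that its ORPort is reachable.
Jan 01 10:20:00.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent.
"""

PUBLIC_OPTS = {"orport", "dirport"}          # must be reachable from the internet
PRIVATE_OPTS = {"controlport", "socksport"}  # local services, never forward

def listener_port(value):
    """Port from '443', '0.0.0.0:9001' or '[::]:9001'; 0 if disabled or not numeric."""
    port = value.split()[0].rsplit(":", 1)[-1]
    return int(port) if port.isdigit() else 0

def forwarding_plan(torrc_text):
    """Split torrc listeners into ports to forward and ports to keep off the WAN."""
    plan = {"forward": [], "keep_private": []}
    for raw in torrc_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split option/value
        if len(parts) < 2:
            continue
        opt, port = parts[0].lower(), listener_port(parts[1])
        if port == 0:  # port 0 disables the listener
            continue
        if opt in PUBLIC_OPTS:
            plan["forward"].append(port)
        elif opt in PRIVATE_OPTS:
            plan["keep_private"].append(port)
    return plan

def self_test_status(log_text):
    """Most recent ORPort reachability outcome seen in the log."""
    status = "unknown"
    for line in log_text.splitlines():
        if "ORPort" in line and "reachable from the outside" in line:
            status = "reachable"
        elif "ORPort" in line and "has not managed to confirm" in line:
            status = "unreachable"
    return status

if __name__ == "__main__":
    print(forwarding_plan(OLD_TORRC), self_test_status(SAMPLE_LOG))
```

If the status stays "unreachable" while only the "forward" ports are mapped on the router, the forward itself is the place to look, as it turned out to be in this thread.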