Gateway server NICs question
Hi,
I want to deploy a SCOM gateway server, but I am not sure, would this server have multi homed NICs? IE a NIC in the LAN and a NIC in the DMZ/WAN.
Thanks
SCOM doesn't need 2 NIC, It work with 1 NIC. Scom Gateway used to allow monitoring in another forest.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"Mai Ali | My blog:
Technical | Twitter:
Mai Ali
Similar Messages
-
Build a gateway server for private network ???
Hello all good friends,
I has a private network, and one Linux box with public IP address, two NICs connecting direct to ISP. Now, I want to set up this linux box to operate as Gateway server so that all my private networks can use Internet. I have asked this question to many peoples and got much suggestions such as install IPchains (NAT server), IPtables (NAT server), SQUID (Proxy server), ... But until now the big question to me is which software is the best one, I mean which software allow my private network accessing to Internet fastest ? (Proxy server or NAT server only ?) and which one is the most secure ? Besides, you know another opinion, please tell with me if you don't mind.
I very grateful to all of you answers me in all my life.
Tu from VietnamBest thing I would suggest is to buy a Gateway Router. I have D-Link 804, but you can buy anything that pleases you more or suits your demands. Also this way, you donot have to have a computer "turned-on" all the time. Some other advantages are that functions like DHCP, NAT and other features are built into the router. This way you can connect upto 253 Computers to a router and also have a 100Mb/sec, internal home network. You can also go for the wireless option, if you have more money to spend. Just look up on the net for more information.
i2l2 -
JCO Server implementation questions
Hi experts,
I want to try to create a JCO Server with the JCO 3 library.
I'm kinda lost in all the links I've found since there is still a lot of things from the JCO 2 on the internet and I don't understand everything I'm doing.
Please note that there is already a working Java JCO server with old IBM tools and we need to migrate to JCO 3.
So here are my questions :
What do I have to do exactly in the sm59 transaction ?
Here is what I get in the RSGWLST transaction http://i.imgur.com/IRgAyO8.png http://i.imgur.com/YyfDQbt.png (Loic-PC is my machine so I guess my java jco server is up.) Is everything ok ?
I have followed this link (Java Program for Creating a Server Connection - Components of SAP Communication Technology - SAP Library) to create my java jco server. What exactly are ServerDataProvider.JCO_GWHOST, ServerDataProvider.JCO_GWSERV and above all ServerDataProvider.JCO_PROGID)
How do I testmy Java JCO server ? I understood that I have to call STFC_TRANSACTION in se37 where I put my jco destination (previously set up in sm59 ?) and a string but I have a dump when I'm tying that.
I hope someone can help me, everything is still really blurry to me.
Regards
Here is the code I use to try to connect :
static String SERVER_NAME1 = "JCO_SERVER";
static String DESTINATION_NAME1 = "ABAP_AS_WITHOUT_POOL";
static String DESTINATION_NAME2 = "ABAP_AS_WITH_POOL";
static
Properties connectProperties = new Properties();
connectProperties.setProperty(DestinationDataProvider.JCO_ASHOST, "172.16.200.114");
connectProperties.setProperty(DestinationDataProvider.JCO_SYSNR, "00");
connectProperties.setProperty(DestinationDataProvider.JCO_CLIENT, "500");
connectProperties.setProperty(DestinationDataProvider.JCO_USER, "develop2");
connectProperties.setProperty(DestinationDataProvider.JCO_PASSWD, "passw0rd");
connectProperties.setProperty(DestinationDataProvider.JCO_LANG, "en");
createDataFile(DESTINATION_NAME1, "jcoDestination", connectProperties);
connectProperties.setProperty(DestinationDataProvider.JCO_POOL_CAPACITY, "3");
connectProperties.setProperty(DestinationDataProvider.JCO_PEAK_LIMIT, "10");
createDataFile(DESTINATION_NAME2, "jcoDestination", connectProperties);
Properties servertProperties = new Properties();
servertProperties.setProperty(ServerDataProvider.JCO_GWHOST, "sapdevdb02");
servertProperties.setProperty(ServerDataProvider.JCO_GWSERV, "sapgw00");
servertProperties.setProperty(ServerDataProvider.JCO_PROGID, "JCOServer");
servertProperties.setProperty(ServerDataProvider.JCO_REP_DEST, "ABAP_AS_WITH_POOL");
servertProperties.setProperty(ServerDataProvider.JCO_CONNECTION_COUNT, "2");
createDataFile(SERVER_NAME1, "jcoServer", servertProperties);Hi Loic.
The properties GWHost is Gateway Host and GWSERV stands for Gateway Server.
Please look at this link to get more details:
Possible Parameters (SAP Library - Components of SAP Communication Technology)
Could you please put your full code for this class?
I'm saying this because the code you have wrote only creates the propreties file that JCO uses to configure the server but you have to run your server through the main statement.
You have to do something like that on your StfcConnectionHandler class.
public static void main(String[] args) {
step1SimpleServer();
See my example:
StfcConnectionHandler class--------------------
package main;
import com.sap.conn.jco.JCoException;
import com.sap.conn.jco.JCoFunction;
import com.sap.conn.jco.server.DefaultServerHandlerFactory;
import com.sap.conn.jco.server.JCoServer;
import com.sap.conn.jco.server.JCoServerContext;
import com.sap.conn.jco.server.JCoServerFactory;
import com.sap.conn.jco.server.JCoServerFunctionHandler;
public class StfcConnectionHandler implements JCoServerFunctionHandler {
private static final String SERVER_NAME1 = "YOUR_SERVER_NAME";
public void handleRequest(JCoServerContext serverCtx, JCoFunction function) {
System.out
.println("----------------------------------------------------------------");
System.out.println("call : " + function.getName());
System.out
.println("ConnectionId : " + serverCtx.getConnectionID());
System.out.println("SessionId : " + serverCtx.getSessionID());
System.out.println("TID : " + serverCtx.getTID());
System.out.println("repository name : "
+ serverCtx.getRepository().getName());
System.out
.println("is in transaction : " + serverCtx.isInTransaction());
System.out.println("is stateful : "
+ serverCtx.isStatefulSession());
System.out
.println("----------------------------------------------------------------");
System.out.println("gwhost: " + serverCtx.getServer().getGatewayHost());
System.out.println("gwserv: "
+ serverCtx.getServer().getGatewayService());
System.out.println("progid: " + serverCtx.getServer().getProgramID());
System.out
.println("----------------------------------------------------------------");
System.out.println("attributes : ");
System.out.println(serverCtx.getConnectionAttributes().toString());
System.out
.println("----------------------------------------------------------------");
System.out.println("req text: "
+ function.getImportParameterList().getString("REQUTEXT"));
function.getExportParameterList().setValue("ECHOTEXT",
function.getImportParameterList().getString("REQUTEXT"));
function.getExportParameterList().setValue("RESPTEXT", "Hello World");
static void step1SimpleServer() {
JCoServer server;
try {
server = JCoServerFactory.getServer(SERVER_NAME1);
} catch (JCoException ex) {
throw new RuntimeException("Unable to create the server "
+ SERVER_NAME1 + ", because of " + ex.getMessage(), ex);
JCoServerFunctionHandler stfcConnectionHandler = new StfcConnectionHandler();
DefaultServerHandlerFactory.FunctionHandlerFactory factory = new DefaultServerHandlerFactory.FunctionHandlerFactory();
factory.registerHandler("STFC_CONNECTION", stfcConnectionHandler);
server.setCallHandlerFactory(factory);
server.start();
System.out.println("The program can be stopped using <ctrl>+<c>");
public static void main(String[] args) {
step1SimpleServer();
StepByStepServer class
package main;
import java.io.File;
import java.io.FileOutputStream;
import java.util.Properties;
import com.sap.conn.jco.ext.DestinationDataProvider;
import com.sap.conn.jco.ext.ServerDataProvider;
public class StepByStepServer
static String SERVER_NAME1 = "SERVER";
static String DESTINATION_NAME1 = "ABAP_AS_WITHOUT_POOL";
static String DESTINATION_NAME2 = "ABAP_AS_WITH_POOL";
static
Properties connectProperties = new Properties();
connectProperties.setProperty(DestinationDataProvider.JCO_ASHOST, "ls4065");
connectProperties.setProperty(DestinationDataProvider.JCO_SYSNR, "85");
connectProperties.setProperty(DestinationDataProvider.JCO_CLIENT, "800");
connectProperties.setProperty(DestinationDataProvider.JCO_USER, "farber");
connectProperties.setProperty(DestinationDataProvider.JCO_PASSWD, "laska");
connectProperties.setProperty(DestinationDataProvider.JCO_LANG, "en");
createDataFile(DESTINATION_NAME1, "jcoDestination", connectProperties);
connectProperties.setProperty(DestinationDataProvider.JCO_POOL_CAPACITY, "3");
connectProperties.setProperty(DestinationDataProvider.JCO_PEAK_LIMIT, "10");
createDataFile(DESTINATION_NAME2, "jcoDestination", connectProperties);
Properties servertProperties = new Properties();
servertProperties.setProperty(ServerDataProvider.JCO_GWHOST, "binmain");
servertProperties.setProperty(ServerDataProvider.JCO_GWSERV, "sapgw53");
servertProperties.setProperty(ServerDataProvider.JCO_PROGID, "JCO_SERVER");
servertProperties.setProperty(ServerDataProvider.JCO_REP_DEST, "ABAP_AS_WITH_POOL");
servertProperties.setProperty(ServerDataProvider.JCO_CONNECTION_COUNT, "2");
createDataFile(SERVER_NAME1, "jcoServer", servertProperties);
static void createDataFile(String name, String suffix, Properties properties)
File cfg = new File(name+"."+suffix);
if(!cfg.exists())
try
FileOutputStream fos = new FileOutputStream(cfg, false);
properties.store(fos, "for tests only !");
fos.close();
catch (Exception e)
throw new RuntimeException("Unable to create the destination file " + cfg.getName(), e);
Regards -
RD Gateway Manager fails with "Unable to read RD Gateway Server Settings"
The question is: Why can't I connect RD Gateway Manager on the local RD Gateway server?
A month ago, I successfully configured a RD Gateway and to work with a RD Session Host. I set up the RDG CAP and RAP policies. I successfully tested connectivity through the gateway.
Today, I tried to access the RD Gateway Manager and now I'm getting the following pop-up message:
"Unable to read RD Gateway Server Settings"
Everything still works and I am able to confirm that NPS is running the CAP policy that I configured in RD Gateway Manager.
The certificate is from a trusted source. The Event Log does not show any errors.Hi,
Thank you for posting in Windows Server Forum.
Please let us know some more information.
Did you make any change after setting up the server correctly?
Have you make any changes in IIS?
Please recheck your connection setting again with following link and provide us the result.
1. How To Work with RD Gateway in Windows Server 2012
2. Deploying Remote Desktop Gateway RDS 2012
Also go through this thread once.
Hope it helps!
Thanks.
Dharmesh Solanki -
How to find the Values of SAP Gateway Server Host and Gateway Service Valu
Hi All,
I installed SAPR/3 4.7 EE on Windows. For configuring SLD and LDAP i am unable to give the SAP Gateway Server Host and Gateway Service values.
Can any one plz suggest me how to find these values.
Regds
PhanikumarHello, SAP Gateway Server Host and Gateway Service are used to set up rfc connectivity, that is the host name and the system number where your sld and ldap is responding, if you have no sld and no ldap , just simply uncheck that options while installing.
Have a nice week end, Luciano. -
in portal 3 I was able to add and delete gateway server but I don't see that feature on the portal 6. is there are new way to add or delete gateway server(s)
I already have SRA installed it but it didn't ask me any question regarding portal server info. how do they authenticate each other? SRA is located on DMZ and portal server is inside private lan. should I create new profile from portal server or should I create it from both SRA and portal server? this is why I got confuse. ipsetup in portal 3 ask a lot of question for portal server so I didn't have to create profile but portal 6 looks like I need to crate profile but how do I publish this?
thanks Karthik for your input.
You would have to download the Secure Remote Access
from
http://wwws.sun.com/software/download/download/5327.ht
l
and then install it. A gateway service will be
created and a new a profile is created for each
gateway.
HTH .. -
Adding a management server and a gateway server in existing management group
we have a scom2012R2 management group in which a management server sits in forest/domain A and a gateway server in forest/domain B, C, D, etc.
Now we want to add a second management server in forest/domain A and a second gateway server in forest/domain B.
My understanding is to add a second management server in domain A, I just need to run the setup wizard and join it in to the existing management group. I also need to import the certificate in the new MS. Is this right?
When adding the second gateway server, do I have to run the gateway approve tool on the first management server?
Thanks in advanceYes, you are right, But to add a second management server in domain A, this server must join domain A.
To configure additional management server, you can refer below link
http://technet.microsoft.com/en-us/library/hh284673.aspx
And Also for adding second gateway, you will need to run gateway approve tool on the first management server and implement certificate.
http://technet.microsoft.com/en-us/library/hh456445.aspx
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer" -
SCOM Agents in DMZ via Gateway Server
I need to monitor all the web servers in our DMZ by placing a Gateway Server between them and SCOM RMS.
Jus a simple Question I have ................do I need to install certificates on all my web servers in DMZ to talk to SCOM Gateway Server or not????
If I need certificates on all my DMZ webservers then what is the purpose of a gateway server?
thanxHi There,
The certificate installation depends on the scenario.
Scenario 1# If the Gateway server is in domain but, the servers in DMZ are not part of domain. We need certificate for each server to create Trust with Gateway server. Otherwise Gateway may not authenticate agent servers due to domain mismatch. And AD authentication
is must while installing Agents.
Scenario 2# If the Gateway Server and Agent Servers are in same domain in DMZ. In this scenario we need to have certificate only for Agent Servers not for Agent Servers, as the agents will be authenticated using AD (due to same domain).
Scenario 3# If none of the Gateway server or Agent Server are in Domain. This case we need to issue certificate for each Server, including Gateway Server. This scenario the Gateway server will work as a mediator for communication only(in a Manner of speaking).
Be sure that Gateway server concept can be avoided with servers DMZ and not in domain, but this will increase the security risk by authorizing multiple endpoint rules in firewall.
Below link will give you more info about Gateway servers and its uses.
http://technet.microsoft.com/en-us/library/hh212823.aspx
http://technet.microsoft.com/en-us/library/hh230684.aspx
Thanks,
Goutam Nepak -
FIori Application on Portal, does we need gateway server?
Hi All
My company starting SAP FIORI implementation.
Upgradation of gateway server on 740 going on.
Also
same time upgrading Portal from 7.0 to 740.
Also
i heard about FLP on EP.
So
My question
1) it is possible to implement SAP FIORi apps on portal? (might be yes)
So
2) Does we need gateway server for this?
How it will work..
Tags edited by: Michael Applebyi gone through
How to integrate SAP Fiori apps into your Mobile Portal
seems need gateway server.
but quite confusing...
if SAP provide ESS MSS (sca) packages for Portal.
Why not sca file for SAP FIORI apps. so not need gateway server.
might be for security resion. -
How to issue a self-signed certificate to match Remote Desktop Gateway server address requested
I have an RDG server named gw.domain.local with port 3389/tcp forwarded from
gw.example.com.
Using RDGM snap-in I created a self-signed SSL certigicate with FQDN gw.example.com.
But when I connect over RDP from outside the local network I'm getting an error:
Your computer can't connect to the computer because the Remote Desktop Gateway server address requested and the certificate name do not match
Because certificate subject name is gw.domain.local indeed.
So there question is: how to issue a certificate properly, or how to assign an existing one the name to match?Hi,
Thanks for your post in Windows Server Forum.
The certificate error which you are facing seems like certificate mismatch error, something like the security certificate name presented by the TS Gateway server does not match the TS Gateway name. You can try reconnecting using the FQDN name of the TS Gateway
server. You can refer below article for more troubleshooting.
TS Gateway Certificates Part III: Connection Time Issues related to TS Gateway Certificates
And for creating a SSL certificate for RD gateway, you can refer beneath articles.
1. Create a Self-Signed Certificate for the Remote Desktop Gateway Server
2. Obtain a Certificate for the Remote Desktop Gateway Server
Hope it helps!
Thanks,
Dharmesh -
SCOM gateway server configuration steps
Can anybody share the SCOM gateway server configuration steps?
In addition, I would like to share the following with you for your reference:
Deploying Gateway Server in the Multiple Server, Single Management Group Scenario
http://technet.microsoft.com/en-us/library/bb432149.aspx
Deploying Gateway Server on Windows Server 2008
http://technet.microsoft.com/en-us/library/dd789059.aspx
Managing Gateway Servers in Operations Manager 2007
http://technet.microsoft.com/en-us/library/cc540382.aspx
Two items regarding the Gateway Server
http://blogs.technet.com/b/momteam/archive/2007/08/09/two-items-regarding-the-gateway-server.aspx
Powershell Commands to configure Gateway Server / Agent Failover
http://blogs.technet.com/b/jimmyharper/archive/2010/07/23/powershell-commands-to-configure-gateway-server-agent-failover.aspx
Hope this helps.
Thanks.
Nicholas Li - MSFT
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
Remote App and Desktop RDP client never succeed to logon the RDS gateway server running Windows 2012R2
1. Client Os : Windows 7 Pro
2. Server OS : Windows Server 2012R2 with RDS broker and RDS Gateway server with 3.part Certificate with friendly name sky.mti-itservice.no activated.
The main problem is following: The RDP logon session never ends
Any ideas ?
Regards
Kenneth Knudsen
Email : [email protected]
mvh Kenneth Knudsen MCSE 2003 HP ASEHi Kenneth,
Here for your case suggest you to configure RDP session time limit so that your user can disconnect\log off once the specific time limit reached.
You can setup the session time limit in different method.
1. Open the Server Manager, select Remote Desktop Services.
2. In Remote desktop Services, in right side you can drop down to collections.
3. Select the collection which you want to edit the settings.
4. Under collections Properties, select Task and then Edit Properties.
5. In Properties dialog box, select Session.
6. You can find all thetimeout settings under session collection properties; edit according to your requirements and then OK.
And apart also by group policy setting as below.
Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
- Set time limit for disconnected sessions
- Set time limit for active but idle Remote Desktop Services sessions
- Set time limit for active Remote Desktop Services sessions
- End session when time limits are reached
Please check which setting suitable for your environment and you can apply for your case.
[Forum FAQ] Restrict number of Active Sessions in RDS 2012 and 2012 R2
https://social.technet.microsoft.com/Forums/en-US/00c2252b-8ec0-489f-8da2-07a434a9b5a2/forum-faq-restrict-number-of-active-sessions-in-rds-2012-and-2012-r2?forum=winserverTS
Hope it helps!
Thanks.
Dharmesh Solanki
TechNet Community Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Communication between the primary server the gateway server
hallo
Can I set the directional communication between the primary server the gateway server, so it feels by the following example?
And if so how?
Agent
à GW
ß GW
ß MS
*Agent communicates with GW1 and reported it
*GW SEND report to GW2
*GW2 Send the the data to MS
thanks
<o:p></o:p>
אם תגובתי פתרה את בעייתך - לחץ/י, על "סמן כתשובה" ליד סימן ה V הירוק.Hi,
As far as I know, Gateways dont talk to each other. Why you need two GW, with one GW and report to your management servers, this way should work.
Here is a similar thread for your reference:
https://social.technet.microsoft.com/Forums/systemcenter/en-US/323d5aab-bad4-4c23-b096-27a62757ae31/communications-between-2-gateway-servers-and-2-ms?forum=operationsmanagerdeployment
Regards,
Yan Li
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
SCOM Gateway Server Upgrade from 2012 SP1 to R2
Hi,
I am upgrading our SCOM environment from 2012 SP1 to R2. But unable to upgrade the Gateway Server. The installation of R2 setup stops with error message: "The operation manager gateway can't be installed on a computer on which the Operation Manager
management server, Operations Console, operational database, web console, agent, System Center Essentials, or System Center Service Manager is already installed."
I checked none of the above component is installed on the gateway server. Please suggest what is the issue?
Regards,
Daya RamHi,
Have you followed the steps below to upgrade a gateway server:
Log on to a computer that hosts the gateway server with an Operations Manager Administrators role account for your Operations Manager management group.
On the Operations Manager media, run Setup.exe.
In the Optional Installations area, click Gateway management server.
On the Welcome to the System Center 2012 R2 Operations Manager Gateway Upgrade Wizard page, click
Next.
On the The wizard is ready to begin gateway upgrade page, click
Upgrade.
On the Completing the System Center 2012 - Operations Manager Gateway Setup wizard page, click
Finish.
You may check below directory:
C:\Program Files\System Center 2012\Operations Manager
Regards,
Yan Li
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
Remote Desktop "Bypass RD gateway server for local addresses" no longer working in Windows 8
Hi,
After installing windows 8, it seems like the "Bypass RD gateway server for local addresses" is no longer working.
In Windows 7, when the option is checked, I could have the server name set always and the client will automatically detect whether to use the RD gateway or not. For example, from my house, if I am connecting to a computer at my work, which requires
the RD gateway, it will automatically pops up the dialog for authentication method. However, if I connect to a computer in my home network, it will just automatically connects without asking authentication for the RD gateway.
However, after installing windows 8, this does not seem to work as expected anymore. The option is checked but the Windows Security dialog pops up in both situations and so i have to either save the rdp file locally and pin it to the taskbar or switch between
disabling and enabling the RD gateway whenever I need to connect to different machines.
Is this a regression in Windows 8? Is anyone else experiencing the same issue?
ThanksAnother way to resolve this issue for me, beside of configuring RDP to connect directly to server also on unmanaged network, will be to turn the "wifi" subnet in a managed network, as the "wired" subnet is.
The differences between thoses to subnets, dynamically assigned by the same DHCP server, are:
The "wifi" is in a private IP range, the "wired" is in a public IP range
There's an ACL on the "wifi" subnet, not on the "wired"
The next step is to compare frames send/received when on the two networks. Something will likely tell for the network to be managed.
Beside, I'm still searching informations about NLA, which is responsible for setting a nework as managed or not.
Here are some clues:
http://blogs.technet.com/b/networking/archive/2010/09/08/network-location-awareness-nla-and-how-it-relates-to-windows-firewall-profiles.aspx
http://social.technet.microsoft.com/Forums/windows/en-US/49ea0a6b-9c03-407d-8e26-24a92849a282/network-location-awareness-signature?forum=w7itpronetworking
If anybody has official MS informations about NLA (A for Awareness and not Authentication), please share!
Maybe you are looking for
-
I am unable to send any messages on iMessage
i am unable to send any messages on iMessage. I have never used it before so maybe I haven't set it up properly? When I choose a person to send a message to its fine, but when I type the message, the send button is grey and my message won't send. My
-
What are the solutions offered to handle length based or mill products?
We are on 11.5.10. Current version treats beams as each, we have 30 feet beams, 20 feet beams etc. We do not want to set-up different items for each length of beam. We need ability to tell we have 10 pieces of 26 feet beams in inventory. Currently we
-
I am trying to buy the personal year plan but I am unable to as the price keeps coming up as dollars. When I went to look, I realised that I have been set to being from Canada and am unable to change it please help.
-
I want to network two Macs...
I have been having a lot of trouble with this and I know it must be a simple process. I have a PowerBook G4 and an iMac G5 that I want to network over an airport network. Back in the day, I knew how to do it on OS 9, but this hasn't worked for me. I
-
My Macbook pro often won't start up since I installed Lion, and I have to shut it down using power button. My desktop icons don't appear and the dock won't open. I only have the little circle of color spinning endlessly. What's wrong now!