Setting up SAP Router for SNC ... error...

Similar Messages

• SAP Router and SNC

  Does anybody know how to create encrypted connection (SNC) between two saprouters , and how could certificates be generated ? The possibility to do that between SAP and Clients exist and good documented. However I cannot find documentation how to make that between 2 Clients (for instance access per internet from one site to another).
  thanks in advance
  Boris D.

  For creating encrypted connection between 2 saprouter you are need to use an additional software known as SNC-adapter.  This adapter is shipped by SAP to customer with limitations (due import/export laws for crypto software). You can buy this adapter from third-party also. 
  Any information concerining customizing of SAP components for SNC you can get from the SAP white paper "SNC User Guide" - www.sdn.sap.com/sdn/icc.sdn?page=network_security.htm (russian equivalent you can find by address http://www.sapbasis.ru/articles/sncuserguide/).
  regards,
  Mikhail

• Setting up Multicast Routing for Imaging on HP Switches

  I've just spent a bit of time getting multicast imaging to work on our
  HP ProCurve switched network so I thought I'd post what was necessary
  so if anyone else had to look for it then they'd have some help.
  You'll need a switch capable of routing such as a 5300 series that is
  already routing regualr IP traffic. By default IGMP routing is disabled
  so that multicast traffic will not cross VLANs. Here's how to change
  that:
  Log into the 5300 in Manager mode (aka Admin)
  type "config" /goes into config mode
  type "ip multicast routing" /sets up IGMP routing
  type "router pim" /sets up Protocol Independant Multicast routing
  type "vlan *" /where * is a VLAN numeric ID
  type "ip igmp" /sets up IGMP routing on that VLAN
  type "ip pim" /sets up PIM routing on that VLAN
  Repeat those last three steps for all necessary VLANs
  type "exit" /to get back out of config mode - you may have to do
  that more than once
  type "wri mem" to save the config changes
  Then go out to any other switches in the network path for multicasts
  and login in Manager mode
  type "config"
  type "vlan *" /where * is VLAN numeric ID
  type "ip igmp" /turns on IGMP routing
  Repeat those last two steps for all VLANs that need it
  type "exit" /to get back out of config mode - you may have to do
  that more than once
  type "wri mem" to save the config changes
  That's it and it meant I went from "Session Master not found" to "New
  Image successful". I hope it helps somebody.
  Andrew

  On Fri, 22 Sep 2006 18:47:21 GMT, Andrew Ferris wrote:
  > I've just spent a bit of time getting multicast imaging to work on our
  > HP ProCurve switched network so I thought I'd post what was necessary
  > so if anyone else had to look for it then they'd have some help.
  Did somebody say coolsolutions?
  http://www.novell.com/coolsolutions/...mit_a_tip.html
  If you have already compiled drivers or have linux.2 please put them on
  http://forge.novell.com/modules/xfmo...ect/?zfdimgdrv
  Live BootCd and USB Disk from Mike Charles
  http://forge.novell.com/modules/xfmod/project/?imagingx
  eZie http://forge.novell.com/modules/xfmod/project/?ezie
  Marcus Breiden
  If you are asked to email me information please change -- to - in my e-mail
  address.
  The content of this mail is my private and personal opinion.
  http://www.edu-magic.net

• [Exchange-Online][EWS][c#][Windows 8.1] When creating appointment using impersonation "Set action is invalid for property" error occurs.

  I have an Outlook add-in that creates appointments to a load of Office 365 calendars. It used to work well but suddenly I have hit a problem.
  The basic calling code is
  Appointment appointment = new Appointment(exchangeService);
     appointment.Subject = subject;
     appointment.Body = body;
     appointment.Location = location;
     appointment.IsAllDayEvent = allDay;
     appointment.LegacyFreeBusyStatus = LegacyFreeBusyStatus.Busy;
     appointment.IsOnlineMeeting = false;
     appointment.Save(SendInvitationsMode.SendToNone);
  This still works fine on my own Office 365 mailbox but if I switch to another, using Impersonation, the Save line now throws the error "Set action is invalid for property."
  There does not seem to be a problem with impersonation. The line
  exchangeService.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, selectedUserEmail);
  runs OK and afterwards the exchangeService's ImpersonatedUserID gives the correct email address.
  If I look at the appointment object in the Watch window immediately after the line that creates it has run I can see that most of the properties have an entry like:
  appointment.AdjacentMeetingCount' threw an exception of type 'Microsoft.Exchange.WebServices.Data.ServiceObjectPropertyException'.
  Also, several properties including Subject are not listed in the expanded appointment object in the Watch window.
  However, entering appointments.Subject explicitly in the Watch window does give the correct result.
  I have used the floating watch to check the value of each property straight after it is set and each one is as expected.
  I am at a loss as to what to check next and would be grateful for all ideas.
  Mike VE

  Thanks for the reply Jason. I did as you suggested and found that it was the IsOnlineMeeting that caused the problem. Once that was commented out everything worked as expected. On checking I see that this property is ReadOnly for everyone except the
  organizer of the meeting. Clearly the Impersonate role is not regarded as the organiser.
  I don't think it is going to matter so long as the user in whose calendar the appointment is created has fully access to the appointment, which seems to be the case.
  Thanks for your help.
  Mike VE

• Any SAP Note for RFC Error between BI and ECC 5.0

  Hi..
  the RFC Destination between BI and ECC 5.0 is giving errors.
  Plz let me know if there is any Support pack  or any solution to fix this error.
  thanks..

  Hi,
  pls find the RFC connection details
  1 Prerequisites
  1.1 User Roles
  Use
  With the Building Block Connectivity a configuration role for each component is provided to access all transactions relevant for the installation. The following roles are available:
  Technical name Description File name for upload
  B02_01C B02 - Connectivity Configuration Role (SAP R/3) B02_01C.SAP
  B02_03C B02 - Connectivity Configuration Role (SAP BW) B02_03C.SAP
  C71_04C B02 - Connectivity Configuration Role (SAP CRM) C71_04C.SAP
  B02_04C_SRM B02 - Connectivity Configuration Role (SAP SRM) B02_04C_SRM.SAP
  Procedure
  Please upload the necessary roles and add them to your user, using transactions PFCG (Role Maintenance).
  2 Local Settings
  This chapter describes all local settings that are necessary for each component like SAP R/3, SAP SCM, SAP BW, SAP CRM or SAP SRM.
  2.1 SAP R/3
  2.1.1 Define Client Administration (SAP R/3)
  Use
  This activity allows you to change Customizing settings.
  Prerequisites
  You have logged on to the system in English in order to start with the installation of the Best Practices Scenario.
  Procedure
  Run the following activity:
  SAP R/3 Role Menu Define Client Administration (SAP R/3)
  Transaction Code SCC4
  SAP R/3 Menu Tools  Administration  Administration  Client Administration  Client Maintenance
  Then carry out the following steps:
  1. Choose Display  Change.
  2. Confirm the warning message Caution: The table is cross client.
  3. Select your SAP R/3 client and choose Details.
  4. In the Change View Clients: Details screen, activate the following settings:
  u2022 Automatic recording of changes
  u2022 Changes to Repository and cross-client Customizing allowed
  u2022 eCATT and CATT allowed.
  5. Save.
  6. Go back to the SAP Easy Access menu.
  2.1.2 Defining a Logical System for SAP R/3 (SAP R/3)
  Use
  The purpose of this activity is to create a logical system for your SAP R/3 System. To enable communication between systems within your system landscape, you must
  1. Define the systems as logical systems.
  2. Assign the logical system for the SAP R/3 System to a client.
  This enables the systems to recognize the target system as an RFC destination. If the logical system has already been created, skip this activity.
  Logical systems are defined cross-client.
  Procedure
  Carry out the following steps:
  1. Access the transaction using:
  SAP R/3 Role Menu Defining a Logical System for SAP R/3 (SAP R/3)
  Transaction Code SPRO
  SAP R/3
  IMG Menu Basis Components (for R/3 Enterprisse: SAP Web Application Server)  Application Link Enabling (ALE)  Sending and Receiving Systems  Logical systems  Define Logical System
  2. Choose New entries.
  3. In the column Log System, enter a name for the logical system that you want to create.
  4. In the column Name, enter a description of the logical system.
  Log. System Name
  where XXX is the system name
  and NNN is the client.
  5. Save your entries.
  A transport request for Workbench appears.
  6. Select an existing request or create a new request, if necessary.
  A transport request for Customizing appears.
  7. Select an existing request or create a new request, if necessary.
  2.1.3 Assigning Logical System to Client
  Use
  The purpose of this activity is to make an assignment for the logical system. Skip this activity if a logical system is already assigned to your client.
  Procedure
  Carry out the following steps:
  1. Access the transaction using:
  SAP R/3 Role Menu Assign Logical System to Client
  Transaction Code SCC4
  SAP R/3 Menu Tools  Administration  Administration  Client Administration  Client Maintenance
  2. Choose Display ® Change.
  3. Confirm the warning message The table is cross client.
  4. Select your R/3 client and choose Details.
  5. Enter the name of the logical system of your SAP R/3 client.
  6. Save and confirm the warning message Be careful when changing the logical system.
  7. Choose Back twice.
  2.1.4 Creating an RFC User (SAP R/3)
  Use
  To enable communication between the SAP R/3 back-end system and the SAP SCM System, you have to create an RFC user in the SAP R/3 System.
  The RFC user in the application client enables multiple RFC connections. Skip this activity if an RFC User has already been created.
  Procedure
  Carry out the following steps:
  1. Access the transaction using:
  SAP R/3 Role Menu Creating an RFC User (SAP R/3)
  Transaction Code SU01
  SAP R/3 Menu Tools  Administration  User Maintenance  Users
  2. In the User field, enter RFCUSER.
  3. Choose Create.
  4. On the Maintain User screen, enter the following data on the Tab entry screens:
  Address
  Last Name
  Function
  Logon data
  User type System
  Password LOGIN
  Profile
  Profiles SAP_ALL
  SAP_NEW
  S_BI-WX_RFC
  Defaults
  Logon Language EN
  5. Save your entries.
  2.3 SAP BW
  2.3.1 Define Client Administration
  Use
  This activity defines changes and transports of the client-dependent and client-independent objects.
  Procedure
  1. To perform this activity, choose one of the following navigation options:
  SAP BW Role Menu Local Settings ® Define Client Administration
  Transaction Code SCC4
  SAP BW Menu Tools  Administration  Administration  Client Administration  Client Maintenance
  2. Switch to change mode.
  3. Select your client.
  4. Choose details.
  5. In field Currency enter the ISO-code of the local currency, e.g. USD or EUR.
  6. In field Client Role enter Customizing
  7. Check the settings for changes and transport of client-specific objects and client-independent object changes
  If you want to use the settings made by BC-Sets or manually in other systems (other than BW), u201CAutomatic recording of changesu201D and u201CChanges to Repository object and cross-client Customizing allowedu201D is required.
  Result
  Client administration has been defined to support the installation using Best Practices.
  2.3.2 Defining a Logical System for SAP BW (SAP BW)
  Use
  In this step, you define the logical systems in your distributed system.
  Prerequisites
  Logical systems are defined cross-client. Therefore cross-client customizing must be allowed in your client (this can be checked in transaction SCC4).
  Procedure
  To carry out the activity, choose one of the following navigation options:
  SAP BW Role Menu Defining a Logical System for SAP BW (SAP BW)
  Transaction Code SPRO
  IMG Menu SAP Reference IMG  SAP Customizing Implementation Guide  SAP NetWeaver  Business Information Warehouse  Links to other Systems  General Connection Settings  Define Logical System
  1. A dialog box informs you that the table is cross-client. Choose Continue.
  2. On the Change View u201CLogical Systemsu201D: Overview screen, choose New entries.
  3. On the New Entries: Overview of Added Entries screen enter the following data:
  Field name Description R/O/C User action and values Note
  Log. System Technical Name of the Logical System Enter a name for the logical BW system that you want to create
  Name Textual Description of the Logical System Enter a clear description for the logical BW system
  4. Choose Save.
  If a transport request for workbench and customizing is displayed choose existing requests or create new requests.
  If you want to continue with the next activity, do not leave the transaction.
  Result
  You have created a Logical System Name for your SAP BW client.
  2.3.3 Assigning Logical System to Client (SAP BW)
  Procedure
  To carry out the activity, choose one of the following navigation options:
  SAP BW
  Role Menu Assigning Logical System to Client (SAP BW)
  Transaction Code SCC4
  SAP BW Menu Tools  Administration  Administration  Client Administration  Client Maintenance
  1. In the view Display View "Clients": Overview, choose Display.  Change
  2. Confirm the message.
  3. Select your BW client.
  4. Choose Details.
  5. In the view Change View "Clients": Details, insert your BW system in the Logical system field, for example, BS7CLNT100.
  6. Save the entries and go back.
  2.3.4 Opening Administrator Workbench
  Procedure
  To carry out the activity, choose one of the following navigation options
  SAP BW Modeling  Administrator Workbench: Modeling
  Transaction Code RSA1
  1. In the Replicate Metadata dialog box, choose Only Activate.
  2. If a message appears that you are only authorized to work in client ... (Brain 009) refer to SAP Note 316923 (do not import the support package, but use the description under section Workaround).
  2.3.5 Creating an RFC-User (SAP BW)
  Procedure
  To carry out the activity, choose one of the following navigation options:
  SAP BW Role Menu Creating RFC User
  Transaction Code SU01
  SAP BW Menu Tools  Administration  User Maintenance  Users
  Then carry out the following steps:
  1. On the User Maintenance: Initial Screen screen:
  a. Enter the following data:
  Field Entry
  User RFCUSER
  b. Choose Create.
  2. On the Maintain User screen:
  a. Choose the Address tab.
  b. Enter the following data:
  Field Entry
  Last Name RFCUSER
  Function Default-User for RFC connection
  c. Choose the Logon data tab.
  d. Enter the following data:
  Field Entry
  Password LOGIN
  User type System
  e. Choose the Profiles tab.
  f. Enter the following data:
  Field Entry
  Profiles SAP_ALL , SAP_NEW and S_BI-WHM_RFC
  g. Choose Save.
  Do not change the password of this user as it is used in RFC connections.
  2.3.6 Define RFC-USER as default (SAP BW)
  Procedure
  To carry out the activity, choose one of the following navigation options
  SAP BW Role Menu Define RFC-USER as default (SAP BW)
  Transaction Code RSA1
  SAP BW Menu Modeling  Administrator Workbench: Modeling
  1. On the Administrator Workbench: Modeling screen choose Settings  Global Settings.
  2. In the Global Settings/Customizing dialog box choose Glob. Settings.
  3. On the Display View u201CRSADMINA Maintenance Viewu201D: Details screen:
  a. Choose Display  Change.
  b. Enter RFCUSER in the BW User ALE field.
  c. Choose Save.
  Hope this helps in solving u r problem
  Regards
  Ramakrishna Kamurthy

• I want to set up my router for Peer To Peer connection.

  I recently started playing a new game that requires Peer to Peer connection, and I lag a lot when I log in, so I was wonder what options I would have to check, How to enable/disable options to optimize my gaming connection.
  What kind of router I have is MI424-WR Rev. E Actiontec. Or something along that line.. I was researching what to do and it had a lot to do with DMZ, Ports, and firewall. But any help would be appreciated.
  Im off for tonight so I wont be able to check the post until like 9 hours from now. Goodnight
  Oh if you need to know what game it is for some odd reason its Dungeon Fighters Online, or http://dungeonfighter.nexon.net/
  I like arcade style games.
  Oh and my brother connects to this router to and i want him to keep internet so none of the options can interfear with his internet connection.

  I took a quick look at the www site for the game, but did not see anything definite from the vendor on what port(s) the game uses. 
  You would need to set up you gaming machine with a Static TCP/IP Address and configure the Verizon Router with Port Forwarding of the ports used by the game.  I would ONLY set it up in the DMZ if all else fails.
  Note that the Verizon Router has a small NAT Table which may effect your ability to play a P2P game for extended periods of time.
  If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it.
  If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

• Help setting up Actiontec router for 3G Microcell

  I have read through numerous forums here and elsewhere, all to no avail. I simply cannot get my 3G Microcell to connect. I have 4 green lights and the nonstop blinking 3G indicator. I've tried restoring default settings, numerous restarts of equipment, DMZ settings, port forwarding...nothing works. And calls to Att and verizon are nothing but a goat rope.I have FIOS 50/25 Internet with the Actiontec router.
  It's is extremely frustrating, this shouldn't be so difficult, so I'm truly hoping there's someone out there with a concrete answer for this. Any help or advice would be most appreciated!

  Gigatel wrote:
  I have read through numerous forums here and elsewhere, all to no avail. I simply cannot get my 3G Microcell to connect. I have 4 green lights and the nonstop blinking 3G indicator. I've tried restoring default settings, numerous restarts of equipment, DMZ settings, port forwarding...nothing works. And calls to Att and verizon are nothing but a goat rope.I have FIOS 50/25 Internet with the Actiontec router.
  It's is extremely frustrating, this shouldn't be so difficult, so I'm truly hoping there's someone out there with a concrete answer for this. Any help or advice would be most appreciated!
  FWIW, I am using an Actiontec router and an AT&T Microcell, both in default configuration, and I have no problem activating the Microcell.
  If viafax999's ideas don't solve your issue, you might try posting your problem on the AT&T MicroCell forum:
  https://forums.att.com/t5/3G-MicroCell/bd-p/3gmicrocell
  There will likely be more users with experience specific to the MicroCell and it's potential problems there.

• How do I set up my router for use with only my laptop?

  I want to use my WRT300N v1 broadband router wirelessly with only my laptop, but the set-up instructions I've seen involve wiring the router to a desktop. Can anyone provide me with the instructions I need?
  Thanks.

  It is not an mandotary step to connect the Desktop to the Router... it just indicates that first you need ant computer connected to the router using cable & working online ....
  If you want to go online with Laptop .... either you can connect the Laptop to the Router using Cable or you can wirelessly go online ,.....
  Connect the Laptop to the router using Ethernet Cable ,,,,, at LAN port 1-4 .... Check the light status ... access setup page ...
  Click on the Wireless tab on the Setup page- Here Wireless Network mode
  should be mixed- Provide any non linksys network name ....
  Name (SSID) box- Set wireless channel to 11- And wireless SSID
  broadcast should be Enabled and then click on "Save Settings" >>Now
  Click on the Sub tab under wireless > "Wireless Security" Change the
  Wireless security mode to "WEP/WPA"...have a note of the key ... click save settings ...
  On the Laptop try connecting to the Wireless network ...
  See if it connects ....

• SAP NOTE for Error in MB01

  Hi,
  I am searching for a SAP NOTE for an Error in MB01
  Error is :Check Table BIWE: Entry 0004 not found.
  Please let me know if anybody implemented note for this error.
  Iam searching in SAP Marketplace but didn't find the right one.
  <removed_by_moderator>
  Thanks,
  Rhea.
  Edited by: rhea on Jul 24, 2008 4:21 PM
  Edited by: Julius Bussche on Oct 7, 2008 5:09 PM

  Error No is M7001.
  This error is raised when the internal table BIWE and MSEG doesn't match ie. biwe-zeile NE mseg-zeile.
  I searched with those keywords (BIWE , MB01) but didn't find the right one.
  Regards,
  Rhea.

• Connection to R/3 with SAP Router

  Hello,
  I want a connecton from XI 3.0 to R/3 with SAP Router.
  But if i want to import the RFCs i become no connection.
  I Edit Software Component Version, but there is it not possible to set any Sap Router String.
  For Connection Data you can only set System, Client, Message Server and
  Group.
  I have also test to write the Router String before the Message Server IP without any sucess. Not enough Place to write the holfe Path in the Field.
  I become no connection to the R/3 to import the RFCs.
  Regards,
  Robin

  pls check correct port number..
  basis will give u this information. or u use tcode SCOT.

• Prerequisites for SNC SAP router

  I want to configure SAP router in my system (intranet) which is not having any pubic ip. What are the Prerequisites for configuring SNC SAP router.

  HI
  There are many pre requisite for sap snc router
  1) one system with Winwods
  2) one Public IP I.e compulsary
  after public IP U have to fill DATA Sheet and sent TO sap
  With ur system name And Public ip
  after that u have to download
  sacar file for installed SAP router ( letest version )
  And
  Ond OSS User ID And Password
  for cripto file just to below link
  https://websmp210.sap-ag.de/~form/handler?_APP=00200682500000000917&_EVENT=DISPLAY
  download letedst  version according ur opration system
  and make directory
  e.g -. drive://usr/sap/saprouter
  uncar ur letes version here and sart to sap router installtion 
  best of luck

• Is this possible: SNC connection from SAP GUI to SAP Router, and ...

  Hi,
  I have (stupid perhaps) question.
  Is this scenario possible:
  SNC connection from SAP GUI to SAP Router, and non-SNC connection from SAP Router to SAP System.
  I know how to set up scenario like this:
  SAP System --- (non-SNC conn) --- saprouter1 --- (SNC conn) --- saprouter2 --- (non-SNC conn) --- SAP GUI.
  Best regards,
  Marek Majchrowski

  Wolfgang,
  To be sure myself and Marek understand, can you confirm the different scenarios supported:
  Scenario 1:
  SAP GUI --- (non SNC conn) --- saprouter1 --- (SNC conn) --- saprouter2 --- (non-SNC conn) --- SAP System
  With this scenario, it would be possible for a user to logon using SAP GUI onto the SAP System, but without SAP GUI SNC.
  Scenario 2:
  SAP GUI --- (SNC conn) --- saprouter1 --- (non SNC conn) --- saprouter2 --- (SNC conn) --- SAP System
  With this scenario it would be possible to logon to the SAP System using SAP GUI, and using SNC authentication.
  Also, with this scenario the SAP GUI software and SAP System software would consider this to be similar to:
  SAP GUI -- (SNC conn) -- SAP System
  Scenario 3:
  This is the scenario mentioned by Marek in his initial question:
  SAP GUI -- (SNC conn) -- saprouter1 -- (non SNC conn) -- SAP System
  With this scenario it will not be possible to logon to SAP System using SNC, and only possible if the SAP GUI is configured to not use SNC. In other words the SNC connection between SAP GUI and saprouter1 is available, but cannot be used.
  Thanks,
  Tim
  Edited by: Tim Alsop on Feb 25, 2008 5:24 PM

• SAP router error on windows server 2008 64bit

  Hi All,
  I am installing sap router on windows 2008 server 64 bit.
  While trying to generate certificate request it showing below error.
  E:\usr\sap\saprouter\nt-x86_64>sapgenpse get_pse -v -r certreq -p local.pse "CN=
  solman, OU=000XXXXXXX, OU=SAProuter, O=SAP, C=DE"
  Got absolute PSE path "C:\Users\soladm\sec\local.pse".
  Please enter PIN:
  Please reenter PIN:
  Supplied distinguished name: "CN=solman, OU=000XXXXXXX, OU=SAProuter, O=SAP, C=
  DE"
  Creating PSE with format v2 (default)
  get_pse: Can't create PSE.
  ERROR in af_create: (4352/0x1100) could not flush : "SW-PSE"
  ERROR in create_PSE: (4352/0x1100) could not flush : "SW-PSE"
  ERROR in modified_PSEFile: (4352/0x1100) could not flush : "SW-PSE"
  ERROR in flush_PSEFile: (1283/0x0503) Can't write file : "C:\Users\soladm\sec\lo
  cal.pse"
  ERROR in aux_OctetString2file: (1283/0x0503) Can't write file : "C:\Users\soladm
  \sec\local.pse"
  I couldn't find the cryptography software specifically for windows 2008 server 64 bit ? So I downloaded the software for windows server 64 bit platform.
  Do any one have idea on this...
  Please reply..
  Regards
  Vinay

  Hi,
  Yes, there is no specific cryptography software for windows server 2008 and whatever u have chosen is correct.
  Fom the following error message I could see where the issue arises.
  Can't write file : "C:\Users\soladm\sec\local.pse"
  I think you have not set the following ENV variable for the SAPRouter admin user (in your case soladm) and hence the sapgenpse tries to import the certificate in the SOLADM user's document folder.
  Set the following variables for the user SOLADM and then try to import the certificate as mentioned in the [link|http://service.sap.com/saprouter-sncdoc].
  SECUDIR = E:\usr\sap\saprouter
  SNC_LIB = E:\usr\sap\saprouter\nt-x86_64\sapcrypto.dll
  Hope this resolves ur issue.
  Regards,
  Varadharajan M

• SAP Router internal error

  Hello
  I have installed solution manager 7.0 and then sap router is also configured on the same box.
  1. To generate a certificate request,
  sapgenpse get_pse -v -r D:\usr\sap\saprouter\certreq -p D:\usr\sap\saprouter\local.pse "CN=sbsapmgrapp01, OU=0000809350, OU=SAProuter, O=SAP, C=DE"
  2. Then you have to request the certificate from
  http://service.sap.com/tcs -> Download Area -> SAProuter Certificate
  3. Create a file D:\usr\sap\saprouter\srcert and copy the requested
  certificate into this file. :
  sapgenpse import_own_cert -c D:\usr\sap\saprouter\srcert -p
  D:\usr\sap\saprouter\local.pse
  4. To generate credentials for the user that's running the SAProuter
  service:
  sapgenpse seclogin -p D:\usr\sap\saprouter\local.pse -O sapadmin
  (this will create the file "cred_v2")
  5. Check the configuration:
  sapgenpse get_my_name -v -n Issuer
  (Result:  "CN=SAProuter CA, OU=SAProuter,
  O=SAP, C=DE")
  6. Create SAProuter service on Windows :
  ntscmgr install SAProuter -b D:\usr\sap\saprouter\saprouter.exe -p
  "service -r -R D:\usr\sap\saprouter\saprouttab -W 60000 -K "CN=sbsapmgrapp01, OU=0000809350, OU=SAProuter, O=SAP, C=DE"
  7. Edit the Windows Registry key :
  MyComputer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAProuter\ImagePath
  8. Start the SAProuter service  -- success
  9. Enter the parameters in OSS1 -> Technical Settings -->
  hostname : sbsapmgrapp01
  IP: 10.1.0.112
  instance : 00
  SAP host name : sapserv2
  IP: 194.39.131.34
  instance:99
  10. saprouttab
  SNC-connection from and to SAP
  KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
  SNC-connection from SAP to local R/3-System for Support
  KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 10.1.0.112 3200
  Access from the local Network to SAPNet - R/3 Frontend (OSS)
  P 10.1.0.112 194.39.131.34 3299
  deny all other connections
  D * * *
  when I check the sap-oss connection i am getting internal error. Any help would be appreciate..
  Thanks
  seshu

  Hi Rahu
  Thanks for your response. Here is my saprouttab entry's
  SNC-connection from and to SAP
  KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
  SNC-connection from SAP to local  Solman System for Support
  KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 10.1.0.112 3200
  Access from the local Network to SAPNet - R/3 Frontend (OSS)
  P     10.1.0.112     194.39.131.34     3299
  P     10...*     194.39.131.34     *
  Here is my dev_rout file..
  trc file: "dev_rout", trc level: 1, release: "700"
  Thu Oct 16 02:08:22 2008
  SAP Network Interface Router, Version 38.10
  command line arg 0:     D:\usr\sap\saprouter\saprouter.exe
  command line arg 1:     -r
  command line arg 2:     -R
  command line arg 3:     D:\usr\sap\saprouter\saprouttab
  command line arg 4:     -W
  command line arg 5:     60000
  command line arg 6:     -K
  command line arg 7:     p:CN=sbsapmgrapp01, OU=0000809350, OU=SAProuter, O=SAP, C=DE
  SncInit(): Initializing Secure Network Communication (SNC)
        PC with Windows NT (mt,ascii,SAP_UC/size_t/void* = 8/64/64)
  SncInit(): Trying environment variable SNC_LIB as a
        gssapi library name: "D:\usr\sap\saprouter\sapcrypto.dll".
    File "D:\usr\sap\saprouter\sapcrypto.dll" dynamically loaded as GSS-API v2 library.
    The internal Adapter for the loaded GSS-API mechanism identifies as:
    Internal SNC-Adapter (Rev 1.0) to SECUDE 5/GSS-API v2
  main: pid = 1684, ppid = 0, port = 3299, parent port = 0 (0 = parent is not a saprouter)
  reading routtab: 'D:\usr\sap\saprouter\saprouttab'
  Thu Oct 16 09:14:17 2008
  ***LOG Q0I=> NiPConnect2: connect (10061: WSAECONNREFUSED: Connection refused) [nixxi.cpp 2823]
  ERROR => NiPConnect2: SiPeekPendConn failed for hdl 2 / sock 256
      (SI_ECONN_REFUSE/10061; I4; ST; 194.39.131.34:3299) [nixxi.cpp    2823]
  Thu Oct 16 09:14:20 2008
  ***LOG Q0I=> NiPConnect2: connect (10061: WSAECONNREFUSED: Connection refused) [nixxi.cpp 2823]
  ERROR => NiPConnect2: SiPeekPendConn failed for hdl 2 / sock 256
      (SI_ECONN_REFUSE/10061; I4; ST; 194.39.131.34:3299) [nixxi.cpp    2823]
  Kindly suggest the changes in my saprottab file..
  Thanks
  seshu
  Issue resloved..
  Edited by: Seshagiri Rao Myneni on Oct 16, 2008 7:31 PM

• Error while checking connection after establishing sap router

  Hello All,
  I have installed a sap router on our solution manager on Linux environment
  when i try to check the RFC connection from SM59 i am receiving the following error.
  my  message server is configured as follows
  Msg. Server - /H/<SAP Router Ip>/S/sapdp99/H/194.39.131.34/S/sapdp99/H/oss001
  <SAP Router> is my solman ip address
  Connection Test SAPOSS
  Logon     Connection Error
  Error Details     Error when opening an RFC connection
  Error Details     ERROR: timeout while pending for route completion
  Error Details     LOCATION: SAP-Server sgtr-s-devs1d_S1D_67 on host sgtr-s-devs1d (wp 0)
  Error Details     DETAIL: NiErrSet
  Error Details     COMPONENT: NI (network interface)
  Error Details     COUNTER: 175
  Error Details     MODULE:
  Error Details     LINE:
  Error Details     RETURN CODE: -12
  Error Details     SUBRC: 0
  Error Details     RELEASE: 700
  Error Details     TIME: Wed Feb 22 23:33:20 2012
  Error Details     VERSION: 38
  my oss1 tecnical settings are as follows.
  sap router at customer side
  Name          sgtr-s-devs1d
  IP Address    65.38.107.196
  Instance no.  99
  sap router at sap
  Name          sapserv2
  IP Address    194.39.131.34
  Instance no.  99
  when i do a logon i get the following error
  Unable to connect to SAPNet message server
  (Default connection will be used...)
  To check whether saprouter is working or not i  have executed few commands
  u2022     ps -ef|grep saprouter
  s1dadm    9873  9590  0 05:53 pts/2    00:00:00 saprouter -r -S 3299 -V 3 -K p:CN=sgtr-s-devs1d, OU=0000858034, OU=SAProuter, O=SAP, C=DE
  s1dadm    9951  9590  0 06:09 pts/2    00:00:00 grep saprouter
  u2022     lsof -w -n -i tcp:3299
  COMMAND    PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
  saprouter 9873 s1dadm    4u  IPv4 5333574      0t0  TCP *:pdrncs (LISTEN)
  u2022     fuser -n tcp 3299
  3299/tcp:             9873
  u2022     netstat -anp|grep :3299
  tcp        0      0 0.0.0.0:3299            0.0.0.0:*               LISTEN      9873/saprouter
  In /usr/sap/saprouter
  my saprouttab contains
  SNC connection to and from SAP
  KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
  SNC-connection from SAP to local system for R/3-Support
  KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 65.38.107.196  3267
  Access from your local Network to SAP
  P 65.38.107.196 194.39.131.34 3299
  All other connections will be denied
  #D * * *
  one thing i want to know is my saprouter started or did i miss any configuration how to check whether my sap router is started.
  Please advice me if i miss any,
  Thanks in advance,
  Vardhan.

  Thanks for the quick reply.
  sgtr-s-devs1d:s1dadm > saprouter -r
  trcfile  dev_rout
  LOCATION    SAProuter 38.10 on 'sgtr-s-devs1d'
  ERROR       service '0.0.0.0:3299' in use
  TIME        Thu Feb 23 07:23:36 2012
  RELEASE     700
  COMPONENT   NI (network interface)
  VERSION     38
  RC          -4
  MODULE      nixxi.cpp
  LINE        3227
  DETAIL      NiIBindSocket
  SYSTEM CALL bind
  ERRNO       98
  ERRNO TEXT  Address already in use
  COUNTER     2
  looke like my sap router is on SAProuter 38.10
  already i have started  router earlier
  Thanks!
  Vardhan