Setting up SAP Router for SNC ... error...
Hi,
My SAP Router is installed on a server that is Linux based. (IP address is 10.11.0.24)
I'm not sure if is saprouttab or saprouter itself having issue.
I started the saprouter via this command: saprouter -r -G routerlog -W 60000 -S 3299 -K "p:CN=XXXXXXXX, OU=ZZZZZZZZZZ, OU=SAProuter, O=SAP, C=DE"
saprouttab
# SNC connection to and from SAP
KT "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 169.145.197.110 *
KT "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 10.11.0.24 3200
# SNC connection to local system for R/3-Support for support
KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 10.11.0.24 3200
KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 10.11.0.24 3201
KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 10.11.0.23 3200
# Access from local network to SAPNet (OSS)
P 10.11.0.* 169.145.197.110 3299
P * 10.11.0.* * *
# deny all other connections
D * * *
Troubleshooting steps taken:
Running niping -s on SAP Router Server & niping.exe -c -H 10.11.0.24 is successful, self-test is okay but... when running both niping -s & saprouter -r on SAP Router Server is giving me the following error:
C:\test>niping.exe -c -S 3299 -H 10.11.0.24
Wed Feb 05 14:51:29 2014
connect to server o.k.
Wed Feb 05 14:51:30 2014
*** ERROR => NiBufIProcMsg: hdl 1 received rc=-93 (NIEROUT_INTERN) from peer [nibuf.cpp 2146]
*** ERROR => NiTClientLoop: NiTReadLoop (rc=-93) [nixxtst.cpp 2590]
* LOCATION SAProuter 40.4 on 'XXXXXXXX'
* ERROR internal error
* TIME Wed Feb 5 14:51:29 2014
* RELEASE 720
* COMPONENT NI (network interface)
* VERSION 40
* RC -93
* MODULE nirout.cpp
* LINE 2698
* DETAIL NiRClientHandle: route expected
* COUNTER 2
C:\Users\tohcy\Desktop\test>niping.exe -c -S 3299 -H /H/10.11.0.24/H/10.11.0.24
Wed Feb 05 15:01:00 2014
*** ERROR => NiBufIProcMsg: hdl 1 received rc=-94 (NIEROUT_PERM_DENIED) from peer [nibuf.cpp 2146]
*** ERROR => NiBufIConnect: route connect for non-buffered hdl 1 failed (rc=-94;/H/10.11.0.24/H/10.11.0.24); pong not received [nibuf.cpp 4801]
*** ERROR => NiTClientLoop: NiHandle (rc=-94) [nixxtst.cpp 2590]
* LOCATION SAProuter 40.4 on 'XXXXXXXX'
* ERROR XXXXXXXX: route permission denied (YYY to 10.11.0.24, 3299)
* TIME Wed Feb 5 15:00:59 2014
* RELEASE 720
* COMPONENT NI (network interface)
* VERSION 40
* RC -94
* COUNTER 7
Hi Deepak,
I've changed to the P * * *
I run the command: niping.exe -c -S 3299 -H /H/10.11.0.24/H/10.11.0.23
Can I check if this command is correct?
Router is 10.11.0.24 trying to reach sap server 10.11.0.23.
Error:
Thu Feb 06 09:20:17 2014
*** ERROR => NiBufIProcMsg: hdl 1 received rc=-5 (NIETIMEOUT) from peer [nibuf.cpp 2146]
NiBufIConnect: route connect of non-buffered hdl 1 to '/H/10.11.0.24/H/10.11.0.23' timeout
*** ERROR => NiTClientLoop: NiHandle (rc=-5) [nixxtst.cpp 2590]
* ERROR timeout occured
* TIME Thu Feb 06 09:20:17 2014
* RELEASE 720
* COMPONENT NI (network interface)
* VERSION 40
* RC -5
* MODULE nibuf.cpp
* LINE 4795
* DETAIL NiBufIConnect: route connect '/H/10.11.0.24/H/10.11.0.23'
* timeout
* COUNTER 1
routerlog:
Thu Feb 6 09:27:21 2014 CONNECT FROM C19/- host 10.11.0.181/50107
Thu Feb 6 09:27:21 2014 CONNECT TO S19/12 host 10.11.0.23/3299
Thu Feb 6 09:28:21 2014 CONNECT ERR S19/12 could not establish connection within 60s
Thu Feb 6 09:28:21 2014 DISCONNECT S19/12 host 10.11.0.23/3299
10.11.0.181 is my computer current IP address.
Any other clues/hint?
Similar Messages
-
Does anybody know how to create encrypted connection (SNC) between two saprouters , and how could certificates be generated ? The possibility to do that between SAP and Clients exist and good documented. However I cannot find documentation how to make that between 2 Clients (for instance access per internet from one site to another).
thanks in advance
Boris D.For creating encrypted connection between 2 saprouter you are need to use an additional software known as SNC-adapter. This adapter is shipped by SAP to customer with limitations (due import/export laws for crypto software). You can buy this adapter from third-party also.
Any information concerining customizing of SAP components for SNC you can get from the SAP white paper "SNC User Guide" - www.sdn.sap.com/sdn/icc.sdn?page=network_security.htm (russian equivalent you can find by address http://www.sapbasis.ru/articles/sncuserguide/).
regards,
Mikhail -
Setting up Multicast Routing for Imaging on HP Switches
I've just spent a bit of time getting multicast imaging to work on our
HP ProCurve switched network so I thought I'd post what was necessary
so if anyone else had to look for it then they'd have some help.
You'll need a switch capable of routing such as a 5300 series that is
already routing regualr IP traffic. By default IGMP routing is disabled
so that multicast traffic will not cross VLANs. Here's how to change
that:
Log into the 5300 in Manager mode (aka Admin)
type "config" /goes into config mode
type "ip multicast routing" /sets up IGMP routing
type "router pim" /sets up Protocol Independant Multicast routing
type "vlan *" /where * is a VLAN numeric ID
type "ip igmp" /sets up IGMP routing on that VLAN
type "ip pim" /sets up PIM routing on that VLAN
Repeat those last three steps for all necessary VLANs
type "exit" /to get back out of config mode - you may have to do
that more than once
type "wri mem" to save the config changes
Then go out to any other switches in the network path for multicasts
and login in Manager mode
type "config"
type "vlan *" /where * is VLAN numeric ID
type "ip igmp" /turns on IGMP routing
Repeat those last two steps for all VLANs that need it
type "exit" /to get back out of config mode - you may have to do
that more than once
type "wri mem" to save the config changes
That's it and it meant I went from "Session Master not found" to "New
Image successful". I hope it helps somebody.
AndrewOn Fri, 22 Sep 2006 18:47:21 GMT, Andrew Ferris wrote:
> I've just spent a bit of time getting multicast imaging to work on our
> HP ProCurve switched network so I thought I'd post what was necessary
> so if anyone else had to look for it then they'd have some help.
Did somebody say coolsolutions?
http://www.novell.com/coolsolutions/...mit_a_tip.html
If you have already compiled drivers or have linux.2 please put them on
http://forge.novell.com/modules/xfmo...ect/?zfdimgdrv
Live BootCd and USB Disk from Mike Charles
http://forge.novell.com/modules/xfmod/project/?imagingx
eZie http://forge.novell.com/modules/xfmod/project/?ezie
Marcus Breiden
If you are asked to email me information please change -- to - in my e-mail
address.
The content of this mail is my private and personal opinion.
http://www.edu-magic.net -
I have an Outlook add-in that creates appointments to a load of Office 365 calendars. It used to work well but suddenly I have hit a problem.
The basic calling code is
Appointment appointment = new Appointment(exchangeService);
appointment.Subject = subject;
appointment.Body = body;
appointment.Location = location;
appointment.IsAllDayEvent = allDay;
appointment.LegacyFreeBusyStatus = LegacyFreeBusyStatus.Busy;
appointment.IsOnlineMeeting = false;
appointment.Save(SendInvitationsMode.SendToNone);
This still works fine on my own Office 365 mailbox but if I switch to another, using Impersonation, the Save line now throws the error "Set action is invalid for property."
There does not seem to be a problem with impersonation. The line
exchangeService.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, selectedUserEmail);
runs OK and afterwards the exchangeService's ImpersonatedUserID gives the correct email address.
If I look at the appointment object in the Watch window immediately after the line that creates it has run I can see that most of the properties have an entry like:
appointment.AdjacentMeetingCount' threw an exception of type 'Microsoft.Exchange.WebServices.Data.ServiceObjectPropertyException'.
Also, several properties including Subject are not listed in the expanded appointment object in the Watch window.
However, entering appointments.Subject explicitly in the Watch window does give the correct result.
I have used the floating watch to check the value of each property straight after it is set and each one is as expected.
I am at a loss as to what to check next and would be grateful for all ideas.
Mike VEThanks for the reply Jason. I did as you suggested and found that it was the IsOnlineMeeting that caused the problem. Once that was commented out everything worked as expected. On checking I see that this property is ReadOnly for everyone except the
organizer of the meeting. Clearly the Impersonate role is not regarded as the organiser.
I don't think it is going to matter so long as the user in whose calendar the appointment is created has fully access to the appointment, which seems to be the case.
Thanks for your help.
Mike VE -
Any SAP Note for RFC Error between BI and ECC 5.0
Hi..
the RFC Destination between BI and ECC 5.0 is giving errors.
Plz let me know if there is any Support pack or any solution to fix this error.
thanks..Hi,
pls find the RFC connection details
1 Prerequisites
1.1 User Roles
Use
With the Building Block Connectivity a configuration role for each component is provided to access all transactions relevant for the installation. The following roles are available:
Technical name Description File name for upload
B02_01C B02 - Connectivity Configuration Role (SAP R/3) B02_01C.SAP
B02_03C B02 - Connectivity Configuration Role (SAP BW) B02_03C.SAP
C71_04C B02 - Connectivity Configuration Role (SAP CRM) C71_04C.SAP
B02_04C_SRM B02 - Connectivity Configuration Role (SAP SRM) B02_04C_SRM.SAP
Procedure
Please upload the necessary roles and add them to your user, using transactions PFCG (Role Maintenance).
2 Local Settings
This chapter describes all local settings that are necessary for each component like SAP R/3, SAP SCM, SAP BW, SAP CRM or SAP SRM.
2.1 SAP R/3
2.1.1 Define Client Administration (SAP R/3)
Use
This activity allows you to change Customizing settings.
Prerequisites
You have logged on to the system in English in order to start with the installation of the Best Practices Scenario.
Procedure
Run the following activity:
SAP R/3 Role Menu Define Client Administration (SAP R/3)
Transaction Code SCC4
SAP R/3 Menu Tools Administration Administration Client Administration Client Maintenance
Then carry out the following steps:
1. Choose Display Change.
2. Confirm the warning message Caution: The table is cross client.
3. Select your SAP R/3 client and choose Details.
4. In the Change View Clients: Details screen, activate the following settings:
u2022 Automatic recording of changes
u2022 Changes to Repository and cross-client Customizing allowed
u2022 eCATT and CATT allowed.
5. Save.
6. Go back to the SAP Easy Access menu.
2.1.2 Defining a Logical System for SAP R/3 (SAP R/3)
Use
The purpose of this activity is to create a logical system for your SAP R/3 System. To enable communication between systems within your system landscape, you must
1. Define the systems as logical systems.
2. Assign the logical system for the SAP R/3 System to a client.
This enables the systems to recognize the target system as an RFC destination. If the logical system has already been created, skip this activity.
Logical systems are defined cross-client.
Procedure
Carry out the following steps:
1. Access the transaction using:
SAP R/3 Role Menu Defining a Logical System for SAP R/3 (SAP R/3)
Transaction Code SPRO
SAP R/3
IMG Menu Basis Components (for R/3 Enterprisse: SAP Web Application Server) Application Link Enabling (ALE) Sending and Receiving Systems Logical systems Define Logical System
2. Choose New entries.
3. In the column Log System, enter a name for the logical system that you want to create.
4. In the column Name, enter a description of the logical system.
Log. System Name
where XXX is the system name
and NNN is the client.
5. Save your entries.
A transport request for Workbench appears.
6. Select an existing request or create a new request, if necessary.
A transport request for Customizing appears.
7. Select an existing request or create a new request, if necessary.
2.1.3 Assigning Logical System to Client
Use
The purpose of this activity is to make an assignment for the logical system. Skip this activity if a logical system is already assigned to your client.
Procedure
Carry out the following steps:
1. Access the transaction using:
SAP R/3 Role Menu Assign Logical System to Client
Transaction Code SCC4
SAP R/3 Menu Tools Administration Administration Client Administration Client Maintenance
2. Choose Display ® Change.
3. Confirm the warning message The table is cross client.
4. Select your R/3 client and choose Details.
5. Enter the name of the logical system of your SAP R/3 client.
6. Save and confirm the warning message Be careful when changing the logical system.
7. Choose Back twice.
2.1.4 Creating an RFC User (SAP R/3)
Use
To enable communication between the SAP R/3 back-end system and the SAP SCM System, you have to create an RFC user in the SAP R/3 System.
The RFC user in the application client enables multiple RFC connections. Skip this activity if an RFC User has already been created.
Procedure
Carry out the following steps:
1. Access the transaction using:
SAP R/3 Role Menu Creating an RFC User (SAP R/3)
Transaction Code SU01
SAP R/3 Menu Tools Administration User Maintenance Users
2. In the User field, enter RFCUSER.
3. Choose Create.
4. On the Maintain User screen, enter the following data on the Tab entry screens:
Address
Last Name
Function
Logon data
User type System
Password LOGIN
Profile
Profiles SAP_ALL
SAP_NEW
S_BI-WX_RFC
Defaults
Logon Language EN
5. Save your entries.
2.3 SAP BW
2.3.1 Define Client Administration
Use
This activity defines changes and transports of the client-dependent and client-independent objects.
Procedure
1. To perform this activity, choose one of the following navigation options:
SAP BW Role Menu Local Settings ® Define Client Administration
Transaction Code SCC4
SAP BW Menu Tools Administration Administration Client Administration Client Maintenance
2. Switch to change mode.
3. Select your client.
4. Choose details.
5. In field Currency enter the ISO-code of the local currency, e.g. USD or EUR.
6. In field Client Role enter Customizing
7. Check the settings for changes and transport of client-specific objects and client-independent object changes
If you want to use the settings made by BC-Sets or manually in other systems (other than BW), u201CAutomatic recording of changesu201D and u201CChanges to Repository object and cross-client Customizing allowedu201D is required.
Result
Client administration has been defined to support the installation using Best Practices.
2.3.2 Defining a Logical System for SAP BW (SAP BW)
Use
In this step, you define the logical systems in your distributed system.
Prerequisites
Logical systems are defined cross-client. Therefore cross-client customizing must be allowed in your client (this can be checked in transaction SCC4).
Procedure
To carry out the activity, choose one of the following navigation options:
SAP BW Role Menu Defining a Logical System for SAP BW (SAP BW)
Transaction Code SPRO
IMG Menu SAP Reference IMG SAP Customizing Implementation Guide SAP NetWeaver Business Information Warehouse Links to other Systems General Connection Settings Define Logical System
1. A dialog box informs you that the table is cross-client. Choose Continue.
2. On the Change View u201CLogical Systemsu201D: Overview screen, choose New entries.
3. On the New Entries: Overview of Added Entries screen enter the following data:
Field name Description R/O/C User action and values Note
Log. System Technical Name of the Logical System Enter a name for the logical BW system that you want to create
Name Textual Description of the Logical System Enter a clear description for the logical BW system
4. Choose Save.
If a transport request for workbench and customizing is displayed choose existing requests or create new requests.
If you want to continue with the next activity, do not leave the transaction.
Result
You have created a Logical System Name for your SAP BW client.
2.3.3 Assigning Logical System to Client (SAP BW)
Procedure
To carry out the activity, choose one of the following navigation options:
SAP BW
Role Menu Assigning Logical System to Client (SAP BW)
Transaction Code SCC4
SAP BW Menu Tools Administration Administration Client Administration Client Maintenance
1. In the view Display View "Clients": Overview, choose Display. Change
2. Confirm the message.
3. Select your BW client.
4. Choose Details.
5. In the view Change View "Clients": Details, insert your BW system in the Logical system field, for example, BS7CLNT100.
6. Save the entries and go back.
2.3.4 Opening Administrator Workbench
Procedure
To carry out the activity, choose one of the following navigation options
SAP BW Modeling Administrator Workbench: Modeling
Transaction Code RSA1
1. In the Replicate Metadata dialog box, choose Only Activate.
2. If a message appears that you are only authorized to work in client ... (Brain 009) refer to SAP Note 316923 (do not import the support package, but use the description under section Workaround).
2.3.5 Creating an RFC-User (SAP BW)
Procedure
To carry out the activity, choose one of the following navigation options:
SAP BW Role Menu Creating RFC User
Transaction Code SU01
SAP BW Menu Tools Administration User Maintenance Users
Then carry out the following steps:
1. On the User Maintenance: Initial Screen screen:
a. Enter the following data:
Field Entry
User RFCUSER
b. Choose Create.
2. On the Maintain User screen:
a. Choose the Address tab.
b. Enter the following data:
Field Entry
Last Name RFCUSER
Function Default-User for RFC connection
c. Choose the Logon data tab.
d. Enter the following data:
Field Entry
Password LOGIN
User type System
e. Choose the Profiles tab.
f. Enter the following data:
Field Entry
Profiles SAP_ALL , SAP_NEW and S_BI-WHM_RFC
g. Choose Save.
Do not change the password of this user as it is used in RFC connections.
2.3.6 Define RFC-USER as default (SAP BW)
Procedure
To carry out the activity, choose one of the following navigation options
SAP BW Role Menu Define RFC-USER as default (SAP BW)
Transaction Code RSA1
SAP BW Menu Modeling Administrator Workbench: Modeling
1. On the Administrator Workbench: Modeling screen choose Settings Global Settings.
2. In the Global Settings/Customizing dialog box choose Glob. Settings.
3. On the Display View u201CRSADMINA Maintenance Viewu201D: Details screen:
a. Choose Display Change.
b. Enter RFCUSER in the BW User ALE field.
c. Choose Save.
Hope this helps in solving u r problem
Regards
Ramakrishna Kamurthy -
I want to set up my router for Peer To Peer connection.
I recently started playing a new game that requires Peer to Peer connection, and I lag a lot when I log in, so I was wonder what options I would have to check, How to enable/disable options to optimize my gaming connection.
What kind of router I have is MI424-WR Rev. E Actiontec. Or something along that line.. I was researching what to do and it had a lot to do with DMZ, Ports, and firewall. But any help would be appreciated.
Im off for tonight so I wont be able to check the post until like 9 hours from now. Goodnight
Oh if you need to know what game it is for some odd reason its Dungeon Fighters Online, or http://dungeonfighter.nexon.net/
I like arcade style games.
Oh and my brother connects to this router to and i want him to keep internet so none of the options can interfear with his internet connection.I took a quick look at the www site for the game, but did not see anything definite from the vendor on what port(s) the game uses.
You would need to set up you gaming machine with a Static TCP/IP Address and configure the Verizon Router with Port Forwarding of the ports used by the game. I would ONLY set it up in the DMZ if all else fails.
Note that the Verizon Router has a small NAT Table which may effect your ability to play a P2P game for extended periods of time.
If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it.
If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button. -
Help setting up Actiontec router for 3G Microcell
I have read through numerous forums here and elsewhere, all to no avail. I simply cannot get my 3G Microcell to connect. I have 4 green lights and the nonstop blinking 3G indicator. I've tried restoring default settings, numerous restarts of equipment, DMZ settings, port forwarding...nothing works. And calls to Att and verizon are nothing but a goat rope.I have FIOS 50/25 Internet with the Actiontec router.
It's is extremely frustrating, this shouldn't be so difficult, so I'm truly hoping there's someone out there with a concrete answer for this. Any help or advice would be most appreciated!Gigatel wrote:
I have read through numerous forums here and elsewhere, all to no avail. I simply cannot get my 3G Microcell to connect. I have 4 green lights and the nonstop blinking 3G indicator. I've tried restoring default settings, numerous restarts of equipment, DMZ settings, port forwarding...nothing works. And calls to Att and verizon are nothing but a goat rope.I have FIOS 50/25 Internet with the Actiontec router.
It's is extremely frustrating, this shouldn't be so difficult, so I'm truly hoping there's someone out there with a concrete answer for this. Any help or advice would be most appreciated!
FWIW, I am using an Actiontec router and an AT&T Microcell, both in default configuration, and I have no problem activating the Microcell.
If viafax999's ideas don't solve your issue, you might try posting your problem on the AT&T MicroCell forum:
https://forums.att.com/t5/3G-MicroCell/bd-p/3gmicrocell
There will likely be more users with experience specific to the MicroCell and it's potential problems there. -
How do I set up my router for use with only my laptop?
I want to use my WRT300N v1 broadband router wirelessly with only my laptop, but the set-up instructions I've seen involve wiring the router to a desktop. Can anyone provide me with the instructions I need?
Thanks.It is not an mandotary step to connect the Desktop to the Router... it just indicates that first you need ant computer connected to the router using cable & working online ....
If you want to go online with Laptop .... either you can connect the Laptop to the Router using Cable or you can wirelessly go online ,.....
Connect the Laptop to the router using Ethernet Cable ,,,,, at LAN port 1-4 .... Check the light status ... access setup page ...
Click on the Wireless tab on the Setup page- Here Wireless Network mode
should be mixed- Provide any non linksys network name ....
Name (SSID) box- Set wireless channel to 11- And wireless SSID
broadcast should be Enabled and then click on "Save Settings" >>Now
Click on the Sub tab under wireless > "Wireless Security" Change the
Wireless security mode to "WEP/WPA"...have a note of the key ... click save settings ...
On the Laptop try connecting to the Wireless network ...
See if it connects .... -
Hi,
I am searching for a SAP NOTE for an Error in MB01
Error is :Check Table BIWE: Entry 0004 not found.
Please let me know if anybody implemented note for this error.
Iam searching in SAP Marketplace but didn't find the right one.
<removed_by_moderator>
Thanks,
Rhea.
Edited by: rhea on Jul 24, 2008 4:21 PM
Edited by: Julius Bussche on Oct 7, 2008 5:09 PMError No is M7001.
This error is raised when the internal table BIWE and MSEG doesn't match ie. biwe-zeile NE mseg-zeile.
I searched with those keywords (BIWE , MB01) but didn't find the right one.
Regards,
Rhea. -
Connection to R/3 with SAP Router
Hello,
I want a connecton from XI 3.0 to R/3 with SAP Router.
But if i want to import the RFCs i become no connection.
I Edit Software Component Version, but there is it not possible to set any Sap Router String.
For Connection Data you can only set System, Client, Message Server and
Group.
I have also test to write the Router String before the Message Server IP without any sucess. Not enough Place to write the holfe Path in the Field.
I become no connection to the R/3 to import the RFCs.
Regards,
Robinpls check correct port number..
basis will give u this information. or u use tcode SCOT. -
Prerequisites for SNC SAP router
I want to configure SAP router in my system (intranet) which is not having any pubic ip. What are the Prerequisites for configuring SNC SAP router.
HI
There are many pre requisite for sap snc router
1) one system with Winwods
2) one Public IP I.e compulsary
after public IP U have to fill DATA Sheet and sent TO sap
With ur system name And Public ip
after that u have to download
sacar file for installed SAP router ( letest version )
And
Ond OSS User ID And Password
for cripto file just to below link
https://websmp210.sap-ag.de/~form/handler?_APP=00200682500000000917&_EVENT=DISPLAY
download letedst version according ur opration system
and make directory
e.g -. drive://usr/sap/saprouter
uncar ur letes version here and sart to sap router installtion
best of luck -
Hi,
I have (stupid perhaps) question.
Is this scenario possible:
SNC connection from SAP GUI to SAP Router, and non-SNC connection from SAP Router to SAP System.
I know how to set up scenario like this:
SAP System --- (non-SNC conn) --- saprouter1 --- (SNC conn) --- saprouter2 --- (non-SNC conn) --- SAP GUI.
Best regards,
Marek MajchrowskiWolfgang,
To be sure myself and Marek understand, can you confirm the different scenarios supported:
Scenario 1:
SAP GUI --- (non SNC conn) --- saprouter1 --- (SNC conn) --- saprouter2 --- (non-SNC conn) --- SAP System
With this scenario, it would be possible for a user to logon using SAP GUI onto the SAP System, but without SAP GUI SNC.
Scenario 2:
SAP GUI --- (SNC conn) --- saprouter1 --- (non SNC conn) --- saprouter2 --- (SNC conn) --- SAP System
With this scenario it would be possible to logon to the SAP System using SAP GUI, and using SNC authentication.
Also, with this scenario the SAP GUI software and SAP System software would consider this to be similar to:
SAP GUI -- (SNC conn) -- SAP System
Scenario 3:
This is the scenario mentioned by Marek in his initial question:
SAP GUI -- (SNC conn) -- saprouter1 -- (non SNC conn) -- SAP System
With this scenario it will not be possible to logon to SAP System using SNC, and only possible if the SAP GUI is configured to not use SNC. In other words the SNC connection between SAP GUI and saprouter1 is available, but cannot be used.
Thanks,
Tim
Edited by: Tim Alsop on Feb 25, 2008 5:24 PM -
SAP router error on windows server 2008 64bit
Hi All,
I am installing sap router on windows 2008 server 64 bit.
While trying to generate certificate request it showing below error.
E:\usr\sap\saprouter\nt-x86_64>sapgenpse get_pse -v -r certreq -p local.pse "CN=
solman, OU=000XXXXXXX, OU=SAProuter, O=SAP, C=DE"
Got absolute PSE path "C:\Users\soladm\sec\local.pse".
Please enter PIN:
Please reenter PIN:
Supplied distinguished name: "CN=solman, OU=000XXXXXXX, OU=SAProuter, O=SAP, C=
DE"
Creating PSE with format v2 (default)
get_pse: Can't create PSE.
ERROR in af_create: (4352/0x1100) could not flush : "SW-PSE"
ERROR in create_PSE: (4352/0x1100) could not flush : "SW-PSE"
ERROR in modified_PSEFile: (4352/0x1100) could not flush : "SW-PSE"
ERROR in flush_PSEFile: (1283/0x0503) Can't write file : "C:\Users\soladm\sec\lo
cal.pse"
ERROR in aux_OctetString2file: (1283/0x0503) Can't write file : "C:\Users\soladm
\sec\local.pse"
I couldn't find the cryptography software specifically for windows 2008 server 64 bit ? So I downloaded the software for windows server 64 bit platform.
Do any one have idea on this...
Please reply..
Regards
VinayHi,
Yes, there is no specific cryptography software for windows server 2008 and whatever u have chosen is correct.
Fom the following error message I could see where the issue arises.
Can't write file : "C:\Users\soladm\sec\local.pse"
I think you have not set the following ENV variable for the SAPRouter admin user (in your case soladm) and hence the sapgenpse tries to import the certificate in the SOLADM user's document folder.
Set the following variables for the user SOLADM and then try to import the certificate as mentioned in the [link|http://service.sap.com/saprouter-sncdoc].
SECUDIR = E:\usr\sap\saprouter
SNC_LIB = E:\usr\sap\saprouter\nt-x86_64\sapcrypto.dll
Hope this resolves ur issue.
Regards,
Varadharajan M -
Hello
I have installed solution manager 7.0 and then sap router is also configured on the same box.
1. To generate a certificate request,
sapgenpse get_pse -v -r D:\usr\sap\saprouter\certreq -p D:\usr\sap\saprouter\local.pse "CN=sbsapmgrapp01, OU=0000809350, OU=SAProuter, O=SAP, C=DE"
2. Then you have to request the certificate from
http://service.sap.com/tcs -> Download Area -> SAProuter Certificate
3. Create a file D:\usr\sap\saprouter\srcert and copy the requested
certificate into this file. :
sapgenpse import_own_cert -c D:\usr\sap\saprouter\srcert -p
D:\usr\sap\saprouter\local.pse
4. To generate credentials for the user that's running the SAProuter
service:
sapgenpse seclogin -p D:\usr\sap\saprouter\local.pse -O sapadmin
(this will create the file "cred_v2")
5. Check the configuration:
sapgenpse get_my_name -v -n Issuer
(Result: "CN=SAProuter CA, OU=SAProuter,
O=SAP, C=DE")
6. Create SAProuter service on Windows :
ntscmgr install SAProuter -b D:\usr\sap\saprouter\saprouter.exe -p
"service -r -R D:\usr\sap\saprouter\saprouttab -W 60000 -K "CN=sbsapmgrapp01, OU=0000809350, OU=SAProuter, O=SAP, C=DE"
7. Edit the Windows Registry key :
MyComputer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAProuter\ImagePath
8. Start the SAProuter service -- success
9. Enter the parameters in OSS1 -> Technical Settings -->
hostname : sbsapmgrapp01
IP: 10.1.0.112
instance : 00
SAP host name : sapserv2
IP: 194.39.131.34
instance:99
10. saprouttab
SNC-connection from and to SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
SNC-connection from SAP to local R/3-System for Support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 10.1.0.112 3200
Access from the local Network to SAPNet - R/3 Frontend (OSS)
P 10.1.0.112 194.39.131.34 3299
deny all other connections
D * * *
when I check the sap-oss connection i am getting internal error. Any help would be appreciate..
Thanks
seshuHi Rahu
Thanks for your response. Here is my saprouttab entry's
SNC-connection from and to SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
SNC-connection from SAP to local Solman System for Support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 10.1.0.112 3200
Access from the local Network to SAPNet - R/3 Frontend (OSS)
P 10.1.0.112 194.39.131.34 3299
P 10...* 194.39.131.34 *
Here is my dev_rout file..
trc file: "dev_rout", trc level: 1, release: "700"
Thu Oct 16 02:08:22 2008
SAP Network Interface Router, Version 38.10
command line arg 0: D:\usr\sap\saprouter\saprouter.exe
command line arg 1: -r
command line arg 2: -R
command line arg 3: D:\usr\sap\saprouter\saprouttab
command line arg 4: -W
command line arg 5: 60000
command line arg 6: -K
command line arg 7: p:CN=sbsapmgrapp01, OU=0000809350, OU=SAProuter, O=SAP, C=DE
SncInit(): Initializing Secure Network Communication (SNC)
PC with Windows NT (mt,ascii,SAP_UC/size_t/void* = 8/64/64)
SncInit(): Trying environment variable SNC_LIB as a
gssapi library name: "D:\usr\sap\saprouter\sapcrypto.dll".
File "D:\usr\sap\saprouter\sapcrypto.dll" dynamically loaded as GSS-API v2 library.
The internal Adapter for the loaded GSS-API mechanism identifies as:
Internal SNC-Adapter (Rev 1.0) to SECUDE 5/GSS-API v2
main: pid = 1684, ppid = 0, port = 3299, parent port = 0 (0 = parent is not a saprouter)
reading routtab: 'D:\usr\sap\saprouter\saprouttab'
Thu Oct 16 09:14:17 2008
***LOG Q0I=> NiPConnect2: connect (10061: WSAECONNREFUSED: Connection refused) [nixxi.cpp 2823]
ERROR => NiPConnect2: SiPeekPendConn failed for hdl 2 / sock 256
(SI_ECONN_REFUSE/10061; I4; ST; 194.39.131.34:3299) [nixxi.cpp 2823]
Thu Oct 16 09:14:20 2008
***LOG Q0I=> NiPConnect2: connect (10061: WSAECONNREFUSED: Connection refused) [nixxi.cpp 2823]
ERROR => NiPConnect2: SiPeekPendConn failed for hdl 2 / sock 256
(SI_ECONN_REFUSE/10061; I4; ST; 194.39.131.34:3299) [nixxi.cpp 2823]
Kindly suggest the changes in my saprottab file..
Thanks
seshu
Issue resloved..
Edited by: Seshagiri Rao Myneni on Oct 16, 2008 7:31 PM -
Error while checking connection after establishing sap router
Hello All,
I have installed a sap router on our solution manager on Linux environment
when i try to check the RFC connection from SM59 i am receiving the following error.
my message server is configured as follows
Msg. Server - /H/<SAP Router Ip>/S/sapdp99/H/194.39.131.34/S/sapdp99/H/oss001
<SAP Router> is my solman ip address
Connection Test SAPOSS
Logon Connection Error
Error Details Error when opening an RFC connection
Error Details ERROR: timeout while pending for route completion
Error Details LOCATION: SAP-Server sgtr-s-devs1d_S1D_67 on host sgtr-s-devs1d (wp 0)
Error Details DETAIL: NiErrSet
Error Details COMPONENT: NI (network interface)
Error Details COUNTER: 175
Error Details MODULE:
Error Details LINE:
Error Details RETURN CODE: -12
Error Details SUBRC: 0
Error Details RELEASE: 700
Error Details TIME: Wed Feb 22 23:33:20 2012
Error Details VERSION: 38
my oss1 tecnical settings are as follows.
sap router at customer side
Name sgtr-s-devs1d
IP Address 65.38.107.196
Instance no. 99
sap router at sap
Name sapserv2
IP Address 194.39.131.34
Instance no. 99
when i do a logon i get the following error
Unable to connect to SAPNet message server
(Default connection will be used...)
To check whether saprouter is working or not i have executed few commands
u2022 ps -ef|grep saprouter
s1dadm 9873 9590 0 05:53 pts/2 00:00:00 saprouter -r -S 3299 -V 3 -K p:CN=sgtr-s-devs1d, OU=0000858034, OU=SAProuter, O=SAP, C=DE
s1dadm 9951 9590 0 06:09 pts/2 00:00:00 grep saprouter
u2022 lsof -w -n -i tcp:3299
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
saprouter 9873 s1dadm 4u IPv4 5333574 0t0 TCP *:pdrncs (LISTEN)
u2022 fuser -n tcp 3299
3299/tcp: 9873
u2022 netstat -anp|grep :3299
tcp 0 0 0.0.0.0:3299 0.0.0.0:* LISTEN 9873/saprouter
In /usr/sap/saprouter
my saprouttab contains
SNC connection to and from SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
SNC-connection from SAP to local system for R/3-Support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 65.38.107.196 3267
Access from your local Network to SAP
P 65.38.107.196 194.39.131.34 3299
All other connections will be denied
#D * * *
one thing i want to know is my saprouter started or did i miss any configuration how to check whether my sap router is started.
Please advice me if i miss any,
Thanks in advance,
Vardhan.Thanks for the quick reply.
sgtr-s-devs1d:s1dadm > saprouter -r
trcfile dev_rout
LOCATION SAProuter 38.10 on 'sgtr-s-devs1d'
ERROR service '0.0.0.0:3299' in use
TIME Thu Feb 23 07:23:36 2012
RELEASE 700
COMPONENT NI (network interface)
VERSION 38
RC -4
MODULE nixxi.cpp
LINE 3227
DETAIL NiIBindSocket
SYSTEM CALL bind
ERRNO 98
ERRNO TEXT Address already in use
COUNTER 2
looke like my sap router is on SAProuter 38.10
already i have started router earlier
Thanks!
Vardhan
Maybe you are looking for
-
Could not connect to the internet with my iPod Touch 4th Gen
I set up an wireless ad-hoc network with my windows vista computer with WPA-2 Personal security type, however, while trying to connect it from the iTouch, it keep saying incorrect password. When I tried setting up another wireless ad-hoc network with
-
Problem while calling an RFC Function Module in Background
Hello, I have created a RFC function module for reading data from an external DB system. The FM calls an external RFC program (coded in C++ using RFC SDK), which delivers the required data. This external program is maintainged as an TCP RFC Connectio
-
Column Headers in Excel using CLIENT_OLE2
Hello guys, I have muti record block that has 10 columns which I want to display in Excel. I created a procedure RUN_EXCEL and everything works fine when the button is pressed and the procedure is called. However, I want to add the column prompts and
-
I am using SMPlayer. Regular avi files work fine, but when playing 720p or higher quality videos (coded for example in matroska), I get this strange behaviour: Movie plays just fine for, say, 40 seconds, then it jerks abor about 0.5 second. This happ
-
Drilling from summary report to detail report - possible?
Hi All, I'm new to Business Objects and am currently using Web Intelligence with Business Objects 12.1. I'm writing a report that shows the % of males and % of females that like drinking Coca Cola. Is it possible for me to set the report to drill thr