String saprouter & VPN
Hi,
I want to know if using the string of saprouter the consume of the bandwith is less than the consume for a VPN?
More thanks.
Whats your scenario?.... not enough information here
Similar Messages
-
Hi gurus,
I connect to a customer SAP server using saprouter and all works fine. What is the purpose of using also a VPN connection? Is it a matter of security? I'm not a network expert ...
Thanks
GuidoHi,
SAProuter & VPN are two different things.
SAProuter is the tool provided by SAP to access the SAP servers securely. You can configure the it as SNC-Secure Network Connection.
[http://help.sap.com/saphelp_nw04/helpdata/EN/4f/992d65446d11d189700000e8322d00/content.htm]
A virtual private network (VPN) is a private network that makes use of a public network (such as the Internet), while maintaining security and privacy through encryption and security procedures.
VPN's give companies an alternative to leasing an expensive, dedicated private connection from one office to another. Many businesses are using VPN on their servers to allow their employees to connect to their server from home.
If you are using VPN then there is no need to use the SAprouter.
Hope this helps you to understand.
Thanks,
Shambo -
Hello Experts,
I have been requested to setup new SAProuter with VPN 7.10 in our client SAP environment.
Kindly anyone provide pre-requests documents for this installation and configuration.
Appreciate your early help on good step by step documents for saprouter with vpn installation.
Thanks,
VenkatHello, here is a guide line:
1. Choose a connection type and apply for your connection.
2. Provide SAP with the data it needs to set up the connection between your SAProuter system and the SAP support server using the Remote Connection Data Sheet (SAP Note 0028976).
3. Configure your network components (e.g. SAProuter).
4. Once a remote connection is established, enter the required logical connections between your R/3 systems and SAP. You will find a description of this procedure in SAP Note 31515.
Not as detailed as you requested but feel free to ask for more details.
We need to know exactly what kind of connection is to be set up.
Hope this helps.
Regards,
Steve. -
Need to format a vpn log text file into a format that can be written directly to a SQL table
I am trying to do two thing inside of powershell
1. Take a vpnlog text file "C:\temp\ps3\vpnlogs\testlog.txt" formatted as such and be able to directly add the columns to a sql table
"Number" "Date" "Time" "Interface" "Origin" "Type" "Action" "Service" "Source Port" "Source" "Destination" "Protocol" "Rule"
"Rule Name" "Current Rule Number" "User" "Information" "Product" "Source Machine Name" "Source User Name"
"291" "29Nov2013" "23:59:00" "" "A*****" "Log" "Log In" "" "" "111.*.*.* " "A*****" "" "" "" "" "pet*******"
"VPN internal source IP: 192.*.*.*; reason: disconnected from gateway" "Security Gateway/Management" "" ""
2. Remove the empty colums in this text file so that I can then find a way to upload only colums that have a column name directly up to the sql table via a powershell script .
SO basically import txt file format it into colums that have data that can then be directly written to a sql table without me having to manually create the columns in the table. if this worked correctly the sql table would be uploaded with the colums and
data from sql.
I can do the upload portion with the below listed powershell command however when I import the following file into powershell I have to manually import the testlog.txt into excel then save as a csv to upload... not to mention I had to
manually create the columns in the sql table so that it imports correctly.
get-content "C:\temp\ps3\vpnlogs\testlog.txt" I can not get the data to format correctly without manually importing it into the logfiledata.csv.
$dt=Import-Csv-Path"C:\temp\ps3\vpnlogs\logfiledata.csv"|Out-DataTable
Write-DataTable -ServerInstance"myserver"-Database"mydata"-TableName"dbo.VPNLOGS"-Data$dt
I also have tried this to format the text file but it's not working the way I thought it should, but I don't want to have to create the .CSV file if I can avoid it I would rather take the data in powershell formatted and use the colums to
get-content"C:\temp\ps3\vpnlogs\testlog.txt"|Foreach-Object{
($_
-replace'"',',')
} |Set-Content"C:\temp\ps3\vpnlogs\testlog2.csv"
| Import-Csv
"C:\temp\ps3\vpnlogs\testlog2.csv"|selectNumber,date,time,interface,origin,type,action,service,"source
port",source,destination,protocol,rule,"rule
name","current
rule number",user,information,product,"source
machine name","source
user name"
"Number" "Date" "Time" "Interface" "Origin" "Type" "Action"
"Service" "Source Port" "Source" "Destination" "Protocol" "Rule" "Rule Na
me" "Current Rule Number" "User" "Information" "Product" "Source Machine Name" "Source User Name"
"473" "4Dec2013" "23:59:01" "" "AAMESXF604" "Log" "Log In" "" "" "ip72-198-30-53.ok.ok.cox.net" "AAMESXF604" "" "" ""
"" "usthompst"Thank you Mjolinor this seems to have given me a good output, now do you know of a method using the out-datable and write-datatable that I can use to directly upload the objects and data. Really I do not want to have to create another file at this
point I would like to take all of this info and now write it directly to my SQL-Table...
TypeName: Selected.System.Management.Automation.PSCustomObject
Name MemberType Definition
Equals Method bool Equals(System.Object obj)
GetHashCode Method int GetHashCode()
GetType Method type GetType()
ToString Method string ToString()
Action NoteProperty System.String Action=Log In
Current Rule Number NoteProperty System.String Current Rule Number=
Date NoteProperty System.String Date=4Dec2013
Destination NoteProperty System.String Destination=******
Information NoteProperty System.String Information=VPN internal source IP: *.*.*.*; reason: disconnected from gateway
Interface NoteProperty System.String Interface=
Number NoteProperty System.String Number=473
Origin NoteProperty System.String Origin=********
Product NoteProperty System.String Product=Security Gateway/Management
Protocol NoteProperty System.String Protocol=
Rule NoteProperty System.String Rule=
Rule Name NoteProperty System.String Rule Name=
Service NoteProperty System.String Service=
Source NoteProperty System.String Source=ip*-*-*-*.ok.ok.cox.net
Source Machine Name NoteProperty System.String Source Machine Name=
Source Port NoteProperty System.String Source Port=
Source User Name NoteProperty System.String Source User Name=
Time NoteProperty System.String Time=23:59:01
Type NoteProperty System.String Type=Log
User NoteProperty System.String User=******* -
Error connection with SAPRouter of RAC Service
Good Morning Experts, I propose my scenario.
I use RAC Service to connect with ICC test System. I must test XI-Content for NW-XI-CNT certification.
I have to use SAPGUI for Java to configure NX7 System and backend system.
My laptop is in lan that is protected by Firewall.
I've installed SAPRouter 7.00 (NI=38 - Version=10), I've done some test of connection and all is correct!
RAC Support had sended credentials of systems and SAProuter String.
This string is "/H/[your_server]/S/[your_port]/H/155.56.49.28/H/";
your_server = this is a private ip of server with my SAPRouter, when i execute an connection attempt this ip is changed with official public ip of my company;
your_port = is default 3299 (like recommendation) ;
if use this string via SAPGUI, this error is generated:
java.lang.Exception: Error: hostname ' ' unknown
Location: SAProuter 39.1 (SP3) on 'ld8360'
Wed May 6 16:49:41 2009
Release 710
Component NI (network interface), version 39
rc = -93, module nixxhsl.cpp, line 233
Detail NiHsLGetNodeAddr: hostname cached as unknown
at: com.sap.platin.r3.protocol.ni.GuiNiNetConnection.processOpenRequest(GuiNiNetConnection.java:329)
at: com.sap.platin.r3.protocol.ni.GuiNiNetConnection.handleOpenRequest(GuiNiNetConnection.java:158)
at: com.sap.platin.base.connection.GuiConnection.processCreateReply(GuiConnection.java:508)
at: com.sap.platin.base.connection.GuiConnection.handleCreateReply(GuiConnection.java:480)
at: com.sap.platin.r3.protocol.ni.GuiNiNetConnection.handleCreateRequest(GuiNiNetConnection.java:148)
at: com.sap.platin.base.connection.GuiConnection.open(GuiConnection.java:351)
at: com.sap.platin.base.application.GuiApplication.createConnection(GuiApplication.java:798)
at: com.sap.platin.base.logon.GuiLogonFrame.doConnect(GuiLogonFrame.java:838)
at: com.sap.platin.base.logon.util.SystemList$SymListener.mouseClicked(SystemList.java:1199)
at: java.awt.AWTEventMulticaster.mouseClicked(Unknown Source)
at: java.awt.AWTEventMulticaster.mouseClicked(Unknown Source)
at: java.awt.Component.processMouseEvent(Unknown Source)
at: javax.swing.JComponent.processMouseEvent(Unknown Source)
at: java.awt.Component.processEvent(Unknown Source)
at: java.awt.Container.processEvent(Unknown Source)
at: java.awt.Component.dispatchEventImpl(Unknown Source)
at: java.awt.Container.dispatchEventImpl(Unknown Source)
at: java.awt.Component.dispatchEvent(Unknown Source)
at: java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at: java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at: java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at: java.awt.Container.dispatchEventImpl(Unknown Source)
at: java.awt.Window.dispatchEventImpl(Unknown Source)
at: java.awt.Component.dispatchEvent(Unknown Source)
at: java.awt.EventQueue.dispatchEvent(Unknown Source)
at: com.sap.platin.micro.event.GuiEventQueue.dispatchEvent(GuiEventQueue.java:73)
at: java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at: java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at: java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at: java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at: java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at: java.awt.EventDispatchThread.run(Unknown Source)
I've debugged connection attempt, my request is arrived to SAPRouter of RAC Service.
In other connection attempt I've appended information of NX7 server to SAProuter string.
SAProuter string: "/H/[your_server]/S/[your_port]/H/155.56.49.28/H/[server_nx7]".
I saw this error:
java.lang.Exception: Error: ld8360: route permission denied ([my_public_ip] to [server_nx7], sapdp00)
Location: SAProuter 39.1 (SP3) on 'ld8360'
Wed May 6 17:02:06 2009
Release 710
Component NI (network interface), version 39
rc = -93,
at: com.sap.platin.r3.protocol.ni.GuiNiNetConnection.processOpenRequest(GuiNiNetConnection.java:329)
at: com.sap.platin.r3.protocol.ni.GuiNiNetConnection.handleOpenRequest(GuiNiNetConnection.java:158)
at: com.sap.platin.base.connection.GuiConnection.processCreateReply(GuiConnection.java:508)
Can someone give me some advice?
Edited by: m.genova on May 6, 2009 6:06 PMI've resolved the problem, the key of problem is SAProuter String.
SAPRouter String is used only for routing phase.
It needs aappend another string to SAPRouter String to connect with AS or Exchange infastructure correctly.
Complete String = SAPRouter String + "[server]/S/32[SystemNumber]"
in case of connection with nx7 system:
"/H/[your_server]/S/[your_port]/H/155.56.49.28/H/[server_nx7]/S/32[SystemNumberNX7]".
Bye
Edited by: m.genova on May 7, 2009 12:18 AM -
SAPROUTTAB Permissions Table location
I am a third part software developer without a local SAP installation and has to connect to the SAP test database facility. The scenario is SAPROUTER -> VPN -> SAPROUTER -> SAP.
We are in the very early stages and have just setup our VPN, got connection details from SAP etc. I am now attempting to setup the SAPROUTER on our side. However, each time we try and start SAPROUTER in a command window to see if settings are ok we get the following message:
"saprouttab table not found!".
Firstly, what filetype should be given to the SAPROUTTAB, is it a normal .TXT file?
Secondly, I created a C:\usr\sap\saprouter folder and the SAPROUTRTAB file resides in this folder.
I know this may sound absolutely stupid but I am stuck!There is no exact rule how to find a structure filled in.
I located the place from where this value is coming for FBL3N,the internal table it_pos defined in RFITEM_DEF.
If you can trace how this internal table filled you can identity how ebeln is populated.
Put a break point in program RFITEMGL following FM and check the value of internal table it_pos.
call function 'FI_ITEMS_DISPLAY'
exporting
caller_repid = c_repid_gl
acctype = c_koart_gl
x_opvw = x_gl_opvw
x_change = x_change
i_u_save = gd_alvsave
is_u_variant = gs_variant
it_u_fieldcat = gt_fieldcat[]
it_kontab = it_accts[]
it_slbtab = it_comps[]
it_t001 = it_h_t001[]
it_skat = it_h_skat[]
it_skb1 = it_h_skb1[]
x_grid = x_grid
x_inet = pa_inet
tables
it_items = it_pos.
About locating values how it filled,
Several ways exist to do this.
(1) F1 & F9 gives the field name then search where used list in se11.
(2) Using SQL trace u can i identify how a structure filled in but its a complex process.
Hope this helps,
Thanks,
vamshi tallada -
We have two saprouters - one local, another in DMZ:
SolMan->Local saprouter>DMZ saprouter-VPN--> SAP saprouter
As VAR partner the input in systems of the customer is necessary for us (via SolMan and action "Customer Connection via SAP Service Backbone"). But for our SolMan in parametres OLSAPROUTER and OLSAPROUTERPORT it is possible to specify only one saprouter.
There is a problem decision?
Many thanks
VitaliyNote 1390163 - ISV/VAR: Connection to end customer with second SAProuter
-
Dear Team,
We are going to access sap from out side internet without using the office VPN or network.
Now I want to set SAP Router string thru which any person who wants to access our SAP system can do so without getting into our VPN or network. Basically people in Sales when they are at the customer sites.
My saprouter is working fine, as SAP can login to our systems.The NAT is completed so that does not seem any issue.
find the below is our configuration..
Our sap router has configured in SOLMAN SERVER.
For Solman server below are the IP:
132.147.166.3 Private IP for internal access
210.18.50.134Public IP address.
ROUTAB file is in the below path C:\usr\sap\saprouter.
Below is the content of ROUTAB file
SNC connection to and from SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
SNC connection to local system for R/3-Support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.19 3202
Access from the local Network to SAP
P 192.168.. 194.39.131.34 3299
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.11 5631
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.11 23
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.19 3389
P * 194.39.131.34 3299
P "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" * *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.7 3201
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.5 3200
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.5 3389
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.7 3389
deny all other connections
D * * *
Now I want to access my production server with ip =132.147.166.11from outside .
So I had configured the below setting in Sap GUI .
Application server=132.147.166.11 [public ip of server where saprouter has installed]
SAProuter String=/H/210.18.50.134/S/3299
system id=ELP
system number=02
but when i click on login it is showing below error..
router permission denied(210.18.50.134 to 132.147.166.11 ,sapdp02
location =saprouter 38.10 ON 'SOLMAN'
relese=700
version=38
returncode=-94
counter=012
Is it nacessary to make any change in routab file , as net work admin is saying problem is from saprouter to production server
please help us for the same
Regards
Rabin Nayak
SAP Basis TeamDear Sourabh,
Thanks for your support, I am using /H/210.18.50.134/H/132.147.166.11/H/ for production server only
& /H/210.18.50.134/H/132.147.166.5/H/ for my developement server.
Please find the below is the Log of dev_rout file.
trc file: "dev_rout", trc level: 1, release: "700"
Mon Mar 29 10:51:26 2010
SAP Network Interface Router, Version 38.10
command line arg 0: saprouter
command line arg 1: -r
command line arg 2: -S
command line arg 3: 3299
command line arg 4: -K
command line arg 5: p:CN=SOLMAN, OU=0000849045, OU=SAProuter, O=SAP, C=DE
SncInit(): Initializing Secure Network Communication (SNC)
PC with Windows NT (mt,ascii,SAP_UC/size_t/void* = 8/32/32)
SncInit(): Trying environment variable SNC_LIB as a
gssapi library name: "C:\usr\sap\saprouter\sapcrypto.dll".
File "C:\usr\sap\saprouter\sapcrypto.dll" dynamically loaded as GSS-API v2 library.
The internal Adapter for the loaded GSS-API mechanism identifies as:
Internal SNC-Adapter (Rev 1.0) to SECUDE 5/GSS-API v2
main: pid = 5260, ppid = 0, port = 3299, parent port = 0 (0 = parent is not a saprouter)
reading routtab: './saprouttab'
ERROR => invalid token (p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE) in IPadr-string, skip line 11 [nirout.cpp 8585]
Mon Mar 29 10:56:20 2010
checkRoute: route not permitted (15)
ERROR => NiRClientHandle: NiRExRouteCon for C1/-1 'mail.supremegroup.co.in' failed (rc=-94) [nirout.cpp 2243]
Mon Mar 29 10:56:44 2010
checkRoute: route not permitted (15)
ERROR => NiRClientHandle: NiRExRouteCon for C1/-1 'mail.supremegroup.co.in' failed (rc=-94) [nirout.cpp 2243]
Mon Mar 29 11:25:43 2010
checkRoute: route not permitted (15)
ERROR => NiRClientHandle: NiRExRouteCon for C1/-1 '210.18.50.134.sify.net' failed (rc=-94) [nirout.cpp 2243]
I had addedd another twolines in my routab file as below mentioned Hilited mark.
SNC connection to and from SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
SNC connection to local system for R/3-Support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.19 3202
Access from the local Network to SAP
P 192.168.. 194.39.131.34 3299
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.11 5631
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.11 23
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.19 3389
P * 194.39.131.34 3299
P "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" * *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.7 3201
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.5 3200
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.5 3389
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.7 3389
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.5 3299
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.7 3299
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 132.147.166.11 3299
deny all other connections
D * * *
P * * *
I had checked my Public Ip already registered with SAP,still i am getting same error at time of login.
Regards
Rabin
Edited by: RABIN-SAP BASIS on Mar 29, 2010 8:03 AM -
SAProuter string in SAPlogon pad
Hi Team,
I have read the posts and followed the steps for configuring the saprouter entry in the SAPGui. For some reasons, I am just not able to connect to my SAP system thru the SAPgui. These are the details of our connection
SAProuter is installed as service on our SAP Dev box (windows 2003)
Public ip - 66.147.170.102
This public ip is NAT to the local SAP DEV box 192.168.101.4 where the saprouter is installed.
This is the saprouttab entry
#SNC-connection from and to SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34
#SNC-connection from SAP to local R/3 system for support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.101.4
3200
#Access from local network to SAPNet - R/3 Frontend
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" * *
P * 194.39.131.34 3299 password
D * * *
Can someone please give me the exact string that should be put in the SAPgui.
Thanks for your help
VishalHi Joe,
Thanks for your quick reply.
My objective is to come in from the internet without using the office VPN or network.
My saprouter is working fine, as SAP can login to our systems.
Now I want to set something thru which any person who wants to access our SAP system can do so without getting into our VPN or network. Basically people in Sales when they are at the customer sites.
The NAT is completed so that does not seem an issue.
I tried using the /H/public ip/H of our saprouter connection, but its not working. Also tried introducing a password in the saprouttab, restarted the service, and then tried with the W parameter, but did not work.
Normally what would be the string if I have to enter it in the SAPlogon.
Thanks,
Vishal -
How to remote connect from NWBC to r/3 with saprouter string
Hi Experts,
We've just installed and configure Business Client and succesfully login abap system, and i wonder is it possible to remote connect ERP 6.0 Abap system from Business Client via saprouter string,
Regards,Hi Atakan,
Did you solve the problem?. I need o do the same.
Regards,
Carlos. -
Hi,
well i am trying to set up a RFC Connection to a external 4.6c because i would like to send an IDoc into our XI. I have no clue if this will work, it seems not to work so I ask all of you if you could give me a hand to use the SAProuter-String inside a RFC-Connection.
I have the router-string, means the /H/Host/H/Service/H/ and also the IP-Adress of the 4.6c- System
Can u please help me?! best regards, Jens
btw, I already posted this question in the XI forum.Hi Rolf,
well i can only say that we can connect with the SAP-Logon via SAProuter-String - yes. From Client-side i have no clue because i am no admin
Thx for your detailed description - it's the way i did it.
BUT: i have also the IP-Adress of the target 4.6c system. But where to add this IP.
<b>what i have in detail:
Connection type 3
/H/<ip of saprouter seen from source system>/S/3299/H/<ip of 2. saprouter seen from 1. saprouter>/S/3299/H/<ip of destination system seen from saprouter box>
/H/62.XXX.YY.232/S/3299/H/170.XX.YY.54/S/3299/H/170.56.XXX.80
IP-Adress 1. SAProuter: 62.XXX.YY.232
IP-Adress 2. SAProuter: 170.XX.YY.54
destination system: 170.56.XXX.80
</b>
To make it clear: from SAP-Logon everything works fine - but in RFC-Dest. the connection fails!!
Have u any idea what could be wrong? the user is able to connect to the system....
br, cheers, Jens -
We found that the SAPROUTER String maintained in Service Connection
Data on SAP Marketplace was automatically changed to
/H/<LAN IP-address or hostname of your SAPRouter>/S/3299
Thereafter SAP Support is not able to logon to our SAP system through
SAP Router. We have checked all the setting for SAP Router and seems
fine.
Our firewall global IP address 59.163.51.149 which NAT to 10.1.2.199.
Kindly guide us the following route string is correct so that we will
update the corrected string.
/H/59.163.51.149/H/10.1.2.199/S/3299Hi
Just tell t o administrator to allow your IP (Router machine )
Amd sap server IP In your firewall
then sap can login your syste m definetly
best of luck -
New SAProuter with VPN to setup
Hello Gurus,
I have been requested to setup new SAProuter 7.00 in our SAP environment through VPN to be created.
Existing environment is as below :
SAP systems : R/3 4.6C
SAProuter release : v34
SAProuter host configuration : Windows 2003 (US) Entreprise Edition
SAProuter runs through router ISDN line 128KBits connected to our LAN...
As I already checked 'SAProuter 7.00 - Documentation' from http://service.sap.com/patches, I would like to know the 'step-by-step' procedure to proceed :
1. Can I setup new SAProuter even if we currently use existing SAProuter?
2. If NO, what is the procedure for testing my new SAProuter when installed?
3. Plus, can I 'upgrade' existing SAPRouter release to 7.00 then 'only' modify the network configuration? (note that I am checking documentation 'Remote Connectivity for mySAP.com Solutions over the Internet' from march 2001 to find solution : where finding newest release of this documentation?)
Thanks in advance for your insight!
Rgds,
zulainHello Hari,
As mentionned previously, we started a survey to change our SAProuter acrhitecture to SAProuter 7.0 version.
As we overviewed all prerequisites, I do require confirmation on the 2 following points :
1. As saprouter program will be installed on host which already exists
and is located in DMZ, the existing Windows operating system version is
W2003 Server Standard Edition in french version.
Thus, we would like SAP support to confirm that SAProuter program can
be installed and will run correctly on Windows 2003 Standard Edition in
french version as SAP note 690432 'Windows 2003 Support' mentions that
SAP supports such an hardware configuration if Windows Multilanguage
User Interface (MUI) kit is installed and that W2003 Standard Edition
is supported for 'test or small systems only' (only saprouter program
will run on this host)
2. One of the requirements of saprouter installation is to provide
public @IP to SAP.
As we get such an IP adress, we require SAP support to confirm that
this IP adress will work properly as below :
Saprouter will be installed on host which is located in DMZ (SAP
requirement) what does mean 'between our 2 firewalls'
Thus, connection from sap will be translated by first firewall which
will redirect to public adress provided
Question : Must the host on which saprouter will run have one and only
one IP adress?
As mentionned previously, host already exists and has already an IP
adress : then, public @IP provided will have to be translated by
firewall. Will such a configuration work fine?
Thanks in advance for your support.
Rgds,
Zulain -
Dear All
my company have VPN tunnel with SAP. I have put niping, saprouter and saprouttab under saprouter folder. As per my understanding since this is VPN connection i don't need to apply for saprouter certificate. now i am trying to start saprouter with command saprouter -r but getting this message ...i have put sapdp99 3299/tcp, sapgw99 3399/tcp and sapmsO01 3601/tcp entries in /etc/services. still facing problem. any help would be appreciated. i have assign saprouter folder to <sidadm> insted of creating new admin user.
LOCATION SAProuter 39.3 (SP4) on 'rpc7444'
ERROR partner '127.0.0.1:3299' not reached
TIME Tue Sep 7 08:33:40 2010
RELEASE 710
COMPONENT NI (network interface)
VERSION 39
RC -10
MODULE nixxi.cpp
LINE 3147
DETAIL NiPConnect2: 127.0.0.1:3299
SYSTEM CALL connect
ERRNO 111
ERRNO TEXT Connection refused
COUNTER 2
kind regards
Gurprinderjust to make sure i am on right track . Please check if these entries are correct.
i have put host entries in etc\hosts
<host IP> SAP-ROUTER
194.117.106.129 sapserv1
in service file etc\services
sapdp99 3299/tcp
sapgw99 3399/tcp
sapmsO01 3601/tcp
I HAVE RUN COMMAND BELOW...IS THIS MEAN ROUTER IS RUNNING??????????????
saprouter -l -H <host name>
Wed Sep 8 08:17:02 2010
SAP Network Interface Router, Version 38.10
Wed Sep 8 08:17:04 2010
peer SAProuter with NI version 39 ...
send info-request to running SAProuter ...
SAP Network Interface Router running on port 3299 (PID = 12188)
Started on: Wed Sep 8 08:15:00 2010
ID CLIENT | PARTNER service
+----
9 SAP-ROUTER | (no partner)
Total no. of clients: 1
Working directory : /
Routtab : /usr/sap/saprouter/saprouttab
kind regards
Gurprinder
Edited by: Gurprinder Padda on Sep 8, 2010 2:18 PM
I HAVE RUN COMMAND BELOW...IS THIS MEAN ROUTER IS RUNNING??????????????
saprouter -l -H <host name>
Wed Sep 8 08:17:02 2010
SAP Network Interface Router, Version 38.10
Wed Sep 8 08:17:04 2010
peer SAProuter with NI version 39 ...
send info-request to running SAProuter ...
SAP Network Interface Router running on port 3299 (PID = 12188)
Started on: Wed Sep 8 08:15:00 2010
ID CLIENT | PARTNER service
+----
9 SAP-ROUTER | (no partner)
Total no. of clients: 1
Working directory : /
Routtab : /usr/sap/saprouter/saprouttab
kind regards
Gurprinder -
Sapgui kerberos saprouter (no vpn)
Is there a way to do sso (kerberos) from sapgui from external customers using saprouter?
Eduardo,
If kerberos is installed on SAP ABAP system at customer and they are using an SNC library for internal use (you dind't mention which one) you can use same SNC library used on internal network on the remote workstations running SAP GUI. Thes users would also need to authenticate to AD using cached credentials or using a separate Kerberos authentication before they logon to SAP GUI and connect to the customers SAP ABAP system.
I don't see any need for SAP Router, or for SAP Cryptolib.
It is only possible for a SAP system to use one SNC library at a time, and it semes they already have an SNC library which they are using for internal users to logon.
In summary:
1) need to check correct ports are open on firewall
2) confirm if user can authenticate with AD on remote comptuer before they logon to SAP
It would be easier for me to help you if you had a detailed network diagram showing the connectivity involved. I want to make sure you understand how to solve this, and you would need to make sure the solution is secure.
Thanks,
Tim
Maybe you are looking for
-
Back up iPhone with content purchased under one iTunes ID to a computer using a different iTunes ID
Have iPhone 4 with OS7. Apps on phone purchased under personal iTunes ID. Want to back up on work laptop with another iTunes ID using iCloud for contacts.
-
How to use standard SAP stylesheets in WAD
Hello , I created a new Web template. Assigned a data provider, inserted a table. In order to view i include a Analaysis box in one of the cell of Table. Now i need to change the colours of result rows. How to use Standard Stylesheets provided by SAP
-
Dual Case Column names fail in select ORDER BY clause
This one is solved, but I thought someone might be able to explain why it happens. I'm a newbie, since I just downloaded Oracel XE last night, and am trying it out. I set up a trivial table with 4 text columns. As it happened, I used dual case for so
-
Mapping Runtime failing for all messages
Hi Experts, We are facing an issue with our mapping runtime in the integration engine. Any message going through the integration engine is giving a mapping error as shown below (for example): LinkageError during appliction Java mapping com/sap/xi/tf/
-
External DVD burner not recognized
February 2014 Mac Pro Final Cut Pro X A DVD burner and an LG BluRay burner. I believe the reason why I can't seem to burn either type of disc anymore is because I have plugged them into different USB ports over the many days I've been using these dev