
saprouttab

0 Kudos

Hey,

I need some help. I set up a new SolMan 7.1 and now I must connect my SolMan with the OSS, and I get no connection.

I installed the saprouter completely, but I have no clue how to do the saprouttab entries.

We have a Linux firewall - <FW>

SolMan runs on <SLM>

SAPserv (191.39.131.34 or Walldorf) <SAP>

I got the following entries:

P <SAP> <FW>

P <FW> <SAP>

P <SLM> <FW>

I tried and modified some examples from forums but they didn't work. The HDD from our old SolMan 7.01 with the working saprouttab crashed, so 😐

Accepted Solutions (1)


former_member206167
Active Participant
0 Kudos

Hi,

First you need two files:

SAPCRYPTO.sar

saprouter_xxxx.sar

As user <snc_adm>, set the environment variables SNC_LIB and SECUDIR, then go to http://service.sap.com/SAPROUTER-SNCADD.

From the list of SAProuters registered to your installation, choose the relevant “Distinguished Name”.

Generate the certificate request with the command:
sapgenpse get_pse -v -r certreq -p local.pse "<Distinguished Name>"

Display the output file "certreq" and with copy&paste (including the BEGIN and END statement) insert the certificate request into the text area of the same form on the SAP Service Marketplace from which you copied the Distinguished Name.

In response you will receive the certificate signed by the CA in the Service Marketplace. Copy&paste the text to a new local file named "srcert", which must be created in the same directory as the sapgenpse executable.

Now you will have to create the credentials for the SAProuter with the same program (if you omit -O <user_for_saprouter>, the credentials are created for the logged in user account).
sapgenpse seclogin -p local.pse -O <user_for_saprouter>
Note: The account of the service user should always be entered in full <domainname>\<username>

Check if the certificate has been imported successfully with the following command:
sapgenpse get_my_name -v -n Issuer

Start the SAProuter with the following command line (to start the SAProuter as a Windows service, please follow the steps described in SAP note 525751):
saprouter -r -S <port> -K "p:<Distinguished Name>"

-K tells the saprouter to start with loading the SNC library

# Example saprouttab

# SNC connection to and from SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP,C=DE" 194.39.131.34 *

# SNC connection to local system for R/3-Support
# R/3 Server: 192.168.1.1
# R/3 Instance: 00
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.1.1 3200

# SNC connection to local WINDOWS system for WTS, if applicable
# Windows server: 192.168.1.2
# Default WTS port: 3389
KP "p:CN=sapserv2, OU=SAProuter, O=SAP,C=DE" 192.168.1.2 3389

# SNC connection to local UNIX system for SAPtelnet, if applicable
# UNIX server: 192.168.1.3
# Default Telnet port: 23
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.1.3 23

# SNC connection to local Portal system for HTTP URL access, if applicable
# Portal server: 192.168.1.4
# HTTP: 50003
KP "p:CN=sapserv2, OU=SAProuter, O=SAP,C=DE" 192.168.1.4 50003

# Access from the local Network to SAP
P 192.168.*.* 194.39.131.34 3299

# Deny all other connections
D * * *

Hope this helps
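A small lint pass over a saprouttab of the kind shown above, added here as an example; it is not part of the original answer and is not SAP tooling. It assumes the entry layout used in this thread (type, source host or SNC name, destination host, port); the function names, finding texts and sample table are constructed for illustration.

```python
import shlex

PERMIT = {"P", "S", "KP", "KS"}        # entry types that allow a route
KNOWN = PERMIT | {"D", "KD", "KT"}     # all entry types this check accepts

# Constructed sample modelled on the tables in this thread (not a real config).
SAMPLE = '''\
# SNC connection to and from SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.115.4 32<InstanceNr>
P 192.168.*.* 194.39.131.34 3299
P * * *
'''

def parse(text):
    """Yield (line_no, fields) per entry; quoting keeps an SNC name as one field."""
    for no, line in enumerate(text.splitlines(), 1):
        try:
            fields = shlex.split(line, comments=True)   # drops '#' comments
        except ValueError:                              # unbalanced quote
            fields = ["?"]
        if fields:
            yield no, fields

def lint(text):
    """Return (line_no, message) findings; line_no 0 means the table as a whole."""
    findings, entries = [], list(parse(text))
    for no, f in entries:
        kind = f[0].upper()
        if kind not in KNOWN or len(f) < 4:
            findings.append((no, "malformed entry"))
            continue
        dest, port = f[2], f[3]
        if any("<" in x or ">" in x for x in f[1:]):
            findings.append((no, "unfilled placeholder"))
        if kind in PERMIT and port == "*":
            findings.append((no, "permit entry with wildcard port"))
        if kind in PERMIT and dest == "*":
            findings.append((no, "permit entry with wildcard destination host"))
    last = [x.upper() for x in entries[-1][1][:4]] if entries else []
    if last != ["D", "*", "*", "*"]:
        findings.append((0, "table does not end with 'D * * *'"))
    return findings

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"line {no}: {msg}")
```
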

0 Kudos

Thank you for your replies,

I changed my saprouttab to:

# SNC connection to and from SAP

KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *

# SNC connection to local system for R/3-Support

KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.115.4 32<InstanceNr>

# SNC connection to local Portal system for HTTP URL access, if applicable

KP "p:CN=sapserv2, OU=SAProuter, O=SAP,C=DE" 192.168.115.4 50000

# Client to SAP / External IP to SAP

P 192.168.*.* 194.39.131.34 3299

P <external IP> 194.39.131.34 3299

# Deny all other connections

D * * *

Now I get my connection to SAP from Solution Manager. Before that, I unzipped the "win64sso.zip" to my saprouter folder and set up the SNC environment (<sid>adm):

SNC_LIB = D:\usr\sap\<SID>\SYS\exe\uc\NTAMD64\sapcrypto.dll

SECUDIR = D:\usr\sap\<SID>\SYS\exe\uc\NTAMD64

Answers (1)


bxiv
Active Contributor
0 Kudos

You don't specify your FW in the route tab file; you have to specify the IP address of the SAP VPN you are connecting to, as it doesn't look like you are using the SNC way (software-encrypted connection to SAP).

You also need to specify some port numbers or you will have issues with certain connection types from SAP.