I'm setting up a SAProuter connection between 2 of our servers and our SAP box.
The connection is working, but in the trace file I do notice this line, which I assume means that the traffic is not encrypted.
NiSncGetPeer: hdl 11 not SNC enabled
My question is, how can I enable SNC encryption on the traffic between the routers and SAP?
Here is my setup and saprouttab files:
SAProuter 1 (external network) --> SAProuter 2 (internal network) --> SAP
- I have installed a certificate from SAProuter 1 in the pse file of SAProuter 2.
- I have also installed the certificate from SAProuter 2 into the pse file of SAProuter 1
- Both saprouters are started with the -K param followed by the name of its own certificate.
saprouttab of SAProuter 1:
KT "p:CN=SAPRouter2cert" [Public_IP_SAProuter2] 3299 P [Private_IP_SAProuter1] [Public_IP_SAProuter2] *
saprouttab of SAProuter 2:
KT "p:CN=SAPRouter1cert" [Public_IP_SAProuter1] 3299<
KP "p:CN=SAPRouter1cert" [SAP_Internal_IP] *
P [Public_IP_SAProuter1] [SAP_Internal_IP] *
#Note that if this P line comes out then the connection does not work anymore.