cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Router Issue

Go to solution
ajjunit84
Active Participant

on ‎07-30-2009 7:56 AM

0 Kudos

Hi Experts

I am struck with an issue with SAP router.

When trying to open a service connection ,the connection is not opening.

Have checked the OSS1 settings :

sapser2 194.39.131.34 99

And enteries under SAPROUTER1 hostname ip 99

When trying to connect this is the error i am getting

========================================

sapserv2a:router permission denied (12.239.221.136 to oss001 ,sapdp01)

Location SAProuter 39.2 (SP4) on 'sapserv2a'

Time Thru JUL 30 08:48:40 2009

Component NI (network interface)

Release 710

Version 39

Return Code -93

Counter 49

========================================

1.The entry in service file is

sapmsO01 3616/tcp ??

2. saprouttab file

===============

#SNC-connection to SAP

KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *

P * sapserv2 *

  1. SNC-connection from SAP to local R/3-System for Support

KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.82.96 99

KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.82.96 3299

  1. outbound connections to <sapserv2> will use SNC

#KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.82.96 3299

#KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 3200

#Permission entries to check if the connection is allowed at all

P 192.168.82.96 194.39.131.34 *

P * * *

========================

Pls suggest.

Regards

Ajay

Edited by: Ajay Sandal on Jul 30, 2009 12:27 PM

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-04-2009 3:16 PM
0 Kudos

Ok, here comes one long post.

First, if you have changed IP address of your SAProuter then you must inform SAP of that change.

Second, I am a little puzzled with your settings:

- I do not think that you need "sapmsO01 3616/tcp" but I think it is not an error.

- I think that you should remove

P * sapserv2 *

because you already have

P 192.168.82.96 194.39.131.34 *

near the end of your file. Or at least change it to something like

P * 194.39.131.34 *

The idea is to change 'sapserv2' to ip address.

Not to mention that you have

P * * *

at the end which permits all of your hosts to use SAProuter to connect whereever they like. And all of us to connect to all of your internal servers which is bad.

- Are you sure about these two lines:

KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.82.96 99

KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.82.96 3299

They are effectively permitting SAP to connect to only one server: 192.168.82.96. Is that what you want? Or is this the IP address of another router inside your company? If this is the address of application server then it means that SAP can connect only to TCP ports 99 and 3299 on that server and these usualy are not ports of dispatcher. Maybe you should change these lines to something like:

KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <IP ADDRESS OF YOUR APPLICATION SERVER> *

Later you might want to change trailing '*' with real port number.

Show replies
Show replies
ajjunit84
Active Participant
‎08-05-2009 9:03 AM
0 Kudos

Thanks .

Well ,the application is not on 192.168.8296 server.Its on another servers.

Supose if i choose/add another ip address here ,what should be the port numbers there?? instead of 99 3299?

One more thing ,conection is opening in SMP ,but SAP is saying that they are getting time out error.

SAPOSS rfc is working fine.

Regards

Ajay

Former Member
‎08-05-2009 9:58 AM
0 Kudos

> 

> Supose if i choose/add another ip address here ,what should be the port numbers there?? instead of 99 3299?
>

It depends on what type of support connection are you expecting from SAP and what is you systems setup. For SAPGUI connection you should use port numbers your local users are using to connect: dispatcher (32XX) and maybe message server (36XX). If necessary you can write range of ports in saproutetab using something like this: "3200.3220";.

For the beggining you can write * for port number just to confirm that the rest of SAProuter setup is correct. Later you can change this to something more specific.

> 

> One more thing ,conection is opening in SMP ,but SAP is saying that they are getting time out error.
>

Could you provide some more information? You could turn logging in SAProuter. Just start it with -G <path to logfile>.

Edited by: Dragoljub Ljubicic on Aug 5, 2009 11:58 AM

ajjunit84
Active Participant
‎08-07-2009 8:46 AM
0 Kudos

Hi ,

I am starting it with

E:\usr\sap\saprouter>saprouter -r -G routerlog -S 3299 -K "p:CN=xXXSAP, OU=000

0705709, OU=SAProuter, O=SAP, C=DE" and below is the log file.

===

Fri Aug 07 03:23:54 2009 CONNECT FROM C1/- host 192.168.184.208/1484 (CHNSPXXXXX)

Fri Aug 07 03:23:54 2009 CONNECT TO S1/2 host 194.39.131.34/3299 (194.39.131.34) (p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE)

Fri Aug 07 03:23:58 2009 DISCONNECT C1/2 host 192.168.184.208/1484 (CHNSPXXXXX)

Fri Aug 07 03:26:05 2009 CONNECT FROM C2/- host 192.168.184.208/1490 (CHNSPXXXX)

Fri Aug 07 03:26:05 2009 CONNECT TO S2/1 host 194.39.131.34/3299 (194.39.131.34) (p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE)

Fri Aug 07 03:26:08 2009 DISCONNECT C2/1 host 192.168.184.208/1490 (CHNSPXXXXX)

=====

Yesterday ,its was showing message Connecting..but SAP was able to connect.

Today the message in SMP is "Host Did not respont 6 times".

Regards

Ajay

Former Member
‎08-07-2009 10:30 AM
0 Kudos

Those log entries shows that your internal server 192.168.184.208 was twice successful in connecting to SAP. But we are looking for entries like this one:

Fri Aug 07 01:01:01 2009 CONNECT FROM C13/- host 194.39.131.34/63711

We are looking for "CONNECT FROM" and 194.39.131.34 in the same line

If you cannot find anything similar in your log file than in indicates that SAP was never able to approach your SAProuter, and that you should investigate:

- your SAProuter settings in service.sap.com

- your company firewall(s)

Answers (2)

Answers (2)

Former Member
‎08-08-2009 10:01 AM
0 Kudos

Pl check ur LIVE ip gives ping and chek it with telnet.

also check RFC connection.

bhavesh

Show replies
Show replies
ajjunit84
Active Participant
‎08-12-2009 10:56 AM
0 Kudos

Thanks all for your help.

Still i am gettign error in SMP that host did not respond ,but SAP is able to connect to the systems.

I am closing this thread now.

Regards

Ajay

Former Member
‎07-30-2009 9:47 AM
0 Kudos

Check out [http://www.easymarketplace.de/saprouter.php]

Show replies
Show replies
ajjunit84
Active Participant
‎07-30-2009 1:28 PM
0 Kudos

I rechecked ,but its not working.

Any suggestion , SAPOSS rfc is also not working.

How to approach this. , i tried to run the niping service ,its throwing error??

Regards

Ajay

Former Member
‎07-30-2009 2:01 PM
0 Kudos

is the RFC user password correct ?

If it was working before and it is not working, most probably password issue or connection from your network to SAP.

Let us know if it fixes your issue

ajjunit84
Active Participant
‎08-04-2009 10:32 AM
0 Kudos

Hi ,

RFC is not working fine ,its throwing error

"Error Details ERROR: sapserv2a: route permission denied (12.239.221.136 to oss001, sapmsOSS

Error Details LOCATION: SAProuter 39.2 (SP4) on 'sapserv2a'

Error Details COMPONENT: NI (network interface)

Error Details RETURN CODE: -93"

Initially ,when i tried to open the connection ,it showed Connection Status as open.But SAP is not able to connect.

Regards

Ajay

Ask a Question