on 10-22-2009 5:56 AM
guys, this is kind of a newbie question and i would appreciate if you share your real life experiences. I am curious as to how the users normally access sap servers that are not hosted within the same LAN. Lets say servers are hosted in one city and the end users are located in another city in a totally seperate LAN. DO companies prefer to have a dedicated T1 connection or are the SAP servers normally put in the DMZ and the users nomrally access the servers over a regular internet connection ?? if we connect through the wan, isnt there a performance issue ? Also, I am a little confused about the role of saprouter in this. Is saprouter really needed for WAN connections and if so, why ?? Do we put saprouter in the DMZ and keep the sap servers in LAN ??? thnaks a lot.
I agree with Markus. The best way to provide access to a remote SAP system is to have VPN solution that allows your users access to the network where the SAP system runs. If all users are in the same network then you should have dedicated line to guarantee consistent speed. If you want to provide your users with access to the SAP system from home for example, then VPN solution where the user establishes VPN connection when needed is the best way to do it.
You should not allow direct access to the SAP system through Internet.
You could use any 3rd party VPN solution, which satisfies your needs For description of what saprouters do refer to the followin -> http://help.sap.com/saphelp_nw70/helpdata/en/4f/992d39446d11d189700000e8322d00/content.htm
Regards,
Ventsi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
ventsi/markus,
yes, all the end users are in the same remote network and I do not want that they have to trigger a client VPN application everytime they want to connect. So, should i go for a dedicated VPN connection ?? is such a dedicated connection even possible ?? how does it even work ?? can you suggest any software providers etc. ALso, is a dedicated VPN tunnel cheaper or a dedicated T1 circuit ? thanks
The following article describes 3 solutions to your issue:
http://articles.techrepublic.com.com/5100-10878_11-6072081.html
There are really "cheap" ways of setting up such VPN connected networks. All you need is an internet connection on both sides, no leased line T1 necessary between location A and B.
There are tons of firewall/VPN products outside, you can use e. g. Astaro if you want to use a ready made software or if you have some Linux knowledge you can even setup it for free.
Markus
For the saprouter system, you could place this into a DMZ or use something like a proxy to provide access to the internet.
For your SAP financial applications, it makes more sense to not put these into a DMZ and to use a secure line between locations. How many users will be connecting remotely? There are options such as VPN and Citrix that might provide connectivity for remote users without the need to setup a dedicated line.
J. Haynes
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.