on 12-05-2011 10:28 PM
Hello Everyone,
We are planning our landscape where we have separate VLAN's for production and non-productions systems.
We need to provide list of ports which are necessary for the communication between prod and non-prod SAP systems.(so that only those ports will be open for communication)
The only necessary ports we can think of rightnow are gateway ports (33XX).
The systems contain Java stack as well and the landscape include whole variety of systems (ECC, BI, SRM.PI,SOLMAN, BOE,NWDI...etc).
Can anyone know/think of other ports necessary for the prod-non. prod communication?
I am sure many of you will have such network configuration. Your help will be appreciated.
Thanks,
Nishit.
Hi,
You can use the 'netstat' system tool to check which port is already being used. The program returns the currently used ports of the server.
For Windows, the tool also returns the PID of the current processes when you use option "-o". For Linux, the option is "-p".
On Unix systems, you can use file "/etc/services" to assign the ports to the services. For Windows, you can find the file under "c:\Windows\system32\drivers\etc\services".
You should only process this file with an editor that automatically inserts a line feed at the end, otherwise you may not be able to read the last line.
You can find the current list of all ports used by SAP in the following document:
"TCP/IP Ports Used by SAP Applications"
You will find the document in the SAP Developer Network at:
https://wiki.sdn.sap.com/wiki/display/SI
Note that the SAP service name and port number resolution is consistent and always works in both directions.
For example:
sapdp00 -> 3200 -> sapdp00
For this, always enter the ports used by SAP at the beginning of the services file.
Regards
D.Mukunthan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nishit
Please find the below article
BTW , Any reason to have Prod and Non Prod on different VLAN
Cheers !
Manish
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Security reason : hmm.. thats an interesting answer , glad to hear that people are considering security between their prod , non prod but to me its a bit unusual , again every company have their own way of thinking nothing is right or wrong.
To your question regarding port for nwdi --> DTR --> 5NN15 where NN is the instance number
If you wish you may close this forum now
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.