cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unable to start NWA

Go to solution
Former Member

on ‎08-28-2013 11:45 AM

0 Kudos

Hi All

                   while starting the NWA it showing below error .please can any one help me to fix this issue.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-28-2013 12:25 PM
0 Kudos

Hi,

Did yuo read note 1451753 - Filtering administration requests for AS Java ?

You have to configure modification handler:

HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt

Check note attachemnt for example file.

BR,

Kami


Show replies
Show replies
Former Member
‎08-29-2013 6:39 AM
0 Kudos

Hi kamil

    I Configured  HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt .  i nwent through sap note 1451753..but unbale get below points

You must then create the rule file in the specified directory and specify the filter rules.

  • If you want to prevent access to administration requests completely, you should define the following rule:

           RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

  • If you want to prevent access to administration requests for external administration, you should define the following rule:

           if %{REMOTE_ADDR} !stricmp 127.0.0.1 [AND]           if %{REMOTE_ADDR} !stricmp ::1           RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

  • If you want to allow access to administration requests for certain network segments (for example, 10.18.*), you should define the following rule:

           if %{REMOTE_ADDR} !regimatch 10.18.*.*           RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

  • If you do not want to restrict access to the administration requests to certain clients, remove the lines from the file or turn the lines into a comment:

           #if %{REMOTE_ADDR} !stricmp 127.0.0.1 [AND]           #if %{REMOTE_ADDR} !stricmp ::1           #RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]          

  • The syntax for IPv6 addresses is as follows:
    • Local host is the string "::1"
    • An example for an IPv6 address is "fe80::21c:c4ff:fedc".

can any explain this...

Thanks

suresh chirra

Former Member
‎08-29-2013 9:58 AM
0 Kudos

Hi Suresh,

Maybe this post helps you http://scn.sap.com/docs/DOC-42812.

1. Add in DEFAULT profile parametr icm/HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt

2. Create empty file icm_filter_rules.txt in DIR_GLOBAL)/security/data then restart SAP system

3. Check if works.

BR,

Kamil

Answers (3)

Answers (3)

Former Member
‎08-29-2013 10:00 AM
0 Kudos

Hi all

   Thanks for Every One. issue is resolved

   Thanks

   suresh chirra

Show replies
Show replies
Former Member
‎08-28-2013 12:40 PM
0 Kudos

Hi Suresh,

This is the solution for you:

Navigate to (DIR_GLOBAL)/security/data/icm_filter_rules.txt, open the file icm_filter_rules.txt. Comment all the entries in the file and then restart your system. Your issue will be resolved.

Thanks and Regards

Sheetal Joyce

Show replies
Show replies
Former Member
‎08-29-2013 6:42 AM
0 Kudos

Hi sheetal

      i did same.but still showing same error

     Thanks

    suresh chirra

AtulKumarJain
Active Contributor
‎08-28-2013 12:23 PM
0 Kudos

Hi Suresh,

Please check sap note Number              1451753

BR

Aj

Show replies
Show replies
Former Member
‎08-29-2013 6:46 AM
0 Kudos

Hi atul

You must then create the rule file in the specified directory and specify the filter rules.

  • If you want to prevent access to administration requests completely, you should define the following rule:

           RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

  • If you want to prevent access to administration requests for external administration, you should define the following rule:

           if %{REMOTE_ADDR} !stricmp 127.0.0.1 [AND]           if %{REMOTE_ADDR} !stricmp ::1           RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

  • If you want to allow access to administration requests for certain network segments (for example, 10.18.*), you should define the following rule:

           if %{REMOTE_ADDR} !regimatch 10.18.*.*           RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

  • If you do not want to restrict access to the administration requests to certain clients, remove the lines from the file or turn the lines into a comment:

           #if %{REMOTE_ADDR} !stricmp 127.0.0.1 [AND]           #if %{REMOTE_ADDR} !stricmp ::1           #RegIRedirectUrl ^/webdynpro/resources/sap. com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]          

  • The syntax for IPv6 addresses is as follows:
    • Local host is the string "::1"
    • An example for an IPv6 address is "fe80::21c:c4ff:fedc".
  • iam unable understand above point from sapnote 1451753.please can u explain it

         Thanks

           suresh chirra

Ask a Question