on 06-24-2014 1:18 PM
Hi,
I need to open my system to SAP. 3 months earlier it worked, now, when I open system, firstly i see green light, then after few minutes it changes to yellow sign with hint "Host did not respond", then "connection cancelled".
OSS1 in SAP system is working properly, all test passed.
Here is my SAPRouttab file:
# Outbound connections to <sapservX> will use SNC
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
#COPY THOSE SETTING FOR ALL SAP SERVERS
# Inbound connections MUST use SNC
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.100.135 *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.100.71 *
# Permission entries to check if connection is allowed at all
P 192.168.100.135 194.39.131.34 *
P 192.168.100.71 194.39.131.34 *
#COPY THOSE SETTING FOR ALL SAP SERVERS
# Inbound connections MUST use SNC
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.100.71 *
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 192.168.100.135 *
# Permission entries to check if connection is allowed at all
P 192.168.100.71 194.39.131.34 *
P 192.168.100.135 194.39.131.34 *
P 127.0.0.1 127.0.0.1 3299
#Access to local SAP servers for users
P * 192.168.100.176 3216 [password]
P * 192.168.100.135 3200 [password]
P * 192.168.100.71 3210 [password]
Users can connect without any problems.
C:\saprout\nt-x86_64>sapgenpse get_my_name -v -n issuer
Opening PSE "C:\Users\Administrator\sec\local.pse"...
PSE (v2) open ok.
Retrieving my certificate... ok.
Getting requested information... ok.
SSO for USER "Administrator"
with PSE file "C:\Users\Administrator\sec\local.pse"
Issuer : CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE
In status SAP-router stays "Connected".
Unfortunetly, I can not even restart saprouter service, because it will disconnect all users from system.
What can I do and what should I check next?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Does the remote connection actually work? Is SAP support able to connect? You can create a customer incident to XX-SER-NET, a network specialist from SAP will help you troubleshoot the connection. They have always been very helpful. If SAP support isn't able to connect, there must have been a network change at your end or the certificate used for the SNC connection has expired.
I think that remote connection is not working - SAP in other ticket said, that they have problem with connection.
When I run Sap Service Connector with one of this small files, in logs I can see this kind of entries:
Wed Jun 25 01:46:33 2014 CONNECT FROM C32/- host [my-home-ip]/17434 ([my-home-hostname])
Wed Jun 25 01:46:33 2014 CONNECT TO S32/24 host 194.39.131.34/3299 (194.39.131.34) (p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE)
Wed Jun 25 01:46:33 2014 ESTABLISHED S32/24 (-/SNC)
Wed Jun 25 01:46:34 2014 DISCONNECT C32/24 host [my-home-ip]/17434 ([my-home-hostname]) RST
How can I check if the certificate is still valid?
This message was moderated.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
78 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.