cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Firewall issue while calling SAP (RFC Calls) from .Net Application

Go to solution
Former Member

on ‎04-01-2007 3:12 PM

0 Kudos

Hi,

We have .Net applications(Infact two applications, Web Application and Windows Services). These two applications are making RFC calls to SAP Systems (CRM 4.0 and BW 3.5). These various RFC Calls are to update and read data from these systems. The problem we are facing because of the .Net applications are on server which is outside our firewall. The is required as the web application (which uses RFC Calls) has to be on public accessible server, outside the firewall. All our SAP Systems are behind the network firewall. Now we are looking for various options to make required settings to call SAP Systems via RFC from outside firewall. We don't want to open any port on SAP System because of security concerns. .....

Any suggestion would be highly appreciated and many many thanks in advance

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-01-2007 11:20 PM
0 Kudos

Rajan,

The first question I have for you is, why does the web app on the outside (public) network need to have direct communication with SAP? Why don't you create a public web app that communicates with a web service that is hosted in your private network? Here is an example: You have a web application to create a ship to account. On this web server you host your web application and have it communicate with a web service which is hosted in your private network. This web service can be what communicates with SAP via RFC calls. Now your firewall guys can setup access-lists that say this web service will only communicate with the web server on these specific ports, so now your web server is the only server which can communicate with your web service. So now if your web server is compromised the only way they can communicate with your SAP system is through the web service and if you have proper checks in your web service the chance of gaining access to your SAP system is very unlikely. Hope this helps!

Show replies
Show replies
Former Member
‎04-02-2007 3:23 AM
0 Kudos

Thanks Ryan,

The main reason for the direct RFC Call is performance. What you are suggesting is "Message Oriented Processing" and this is Async processing (which has performance overheads). I can think of another similar option..which is .Net Remoting with Binary Formatter and would be little better (from performance point of view) as compare to web service.

However, I want to explore these options when ALL the options of direct RFC Calls are exhausted. Within our project we have to make couple of RFC Calls one after another and some of them are dependant on the result from previous call...truly a Synchronous process. And one of the main requirement is to very high performance as things are happening in real time.

Former Member
‎04-02-2007 1:30 PM
0 Kudos

Rajan,

You can still do what you want with a web service. You can pass information needed to your web service and have it do all your rfc connections and calculations then pass back to your web application the information needed. If you still have a need to do direction connections to SAP through your web application then to find out what ports you need you can run Ethereal. I believe you can also route traffic through SAP router as well. Hope this helps

Former Member
‎04-02-2007 4:03 PM
0 Kudos

Thanks Again Ryan,

I know like SAP has one product, called Web Dispatcher, which is used to redirect the Http Requests from server outside the firewall to proper SAP Systems. However this is used for Http Calls e.g. for CRM Survey (or any other BSP Application), I was wondering if

there is any other such tool for RFC Calls from outside firewall or even if we can use web dispatcher for RFC Calls as well

Former Member
‎04-02-2007 4:13 PM
0 Kudos

Rajan, Wish I could help you more, but I am not completely familar with Web Dispatcher and whether you can use it with RFC's. Best of luck to you!

Answers (0)

Ask a Question