cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Partner not reached ..

Go to solution
tobias_ptz
Participant

on ‎10-07-2014 11:47 AM

0 Kudos

Hi guys,

I know this question was asked a few times, but I need a little help ..

Our customer is using a RFC tool, to upload files, start transactions etc., now they get an update of this tool and we have some network problems.

The main reason of this error is because the SAP systems sends his internal IP address back to the RFC tool, and the tool want to connect to the dispatcher with the given internal IP address.

We tested it with the SAPRouter and without, the problem is the same.

1. The tool (client e.g. 10.10.20.1) connects to the SAP Gateway (e.g. 210.10.10.1) with the given external IP address, and/or with a SAPRouter string.

     - this connection works

2. The tool want to start a transaction, so it calls the function "SYSTEM_PREPARE_ATTACH_GUI", SAP sends the interal IP address (e.g. 192.168.1.1) to the client and I get the SAPGUI security prompt to allow to start a SAPGUI, after that, the tool wants to connect to the dispatcher with the internal IP address of the SAP system, but this fails .. I know that this is right ..

During the search for a solution I found this nice tutorial: RFC connections on “NATed” environments - ABAP Connectivity - SCN Wiki

But this is for a connection between two systems via a @back@ RFC connection, I have hand full of clients.

I read also a few notes:

• 21151 - Multiple Network adapters in SAP Servers

• 148832 - IP address conversion with a firewall

• 555162 - Asynchronous RFCs with a dialog using a SAP router

• 1033987 - Remote login using NAT or SAP router fails

I know there must be an option, I don't think I am the first one who wants to use a NAT IP address for RFC.

So, what is the right way to tell the SAP system to send not the internal IP address back to the client, but the external?

Or should I route on the SAPRouter all questions to the internal IP address to the external?

The way to the Clients:

SAP (internal e.g. 192.168.1.1.) > FW (external e.g. 210.10.10.1) > VPN > FW (e.g. 220.10.10.1) > SAPRouter (e.g. 10.10.10.1) > Client (e.g. 10.10.20.1)

Thank you for any help!

Best regards,

Tobias

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

tobias_ptz
Participant
‎03-16-2015 3:04 PM
0 Kudos

So, finally we found out what the problem was/is, the firewall itself!

Steps to find the "bug":

- installed a second SAPRouter on our side, to get where the connection breaks

- captured the network traffic between the two SAPRouter and the firewall itself

- after syncing the logs, found the error on the firewall

• a client request (SYN) was directly rejected by the firewall with a RESET, why, we don't really know!

Steps to proof if it's really the firewall:

- installed a second NIC on the client pc and on the server

- routed all traffic from the client directly to the server

• the connection doesn't broke, even after some more tests

Thanks for all your help!

Best regards,

Tobias

Show replies
Show replies
former_member185954
Active Contributor
‎03-16-2015 3:28 PM
0 Kudos

So partner finally reached

Answers (4)

Answers (4)

gabriella_kiss
Participant
‎10-10-2014 5:18 PM
0 Kudos

Dear Tobias,

please check:

148832 - IP address conversion with a firewall

Regards Gabriella Kiss

Show replies
Show replies
tobias_ptz
Participant
‎10-13-2014 11:19 AM
0 Kudos

Hi Gabriella,

I've tried this profile parameter, but it doesn't helped ..

I don't get this error message as described in the notes!

It's really just the point, that the gateway sends back the internal IP, and the SAPRouter don't get it.

Thanks!

Tobias

tobias_ptz
Participant
‎10-08-2014 12:29 PM
0 Kudos

After an intensive search, I found an option to get back the external IP address.

I created a separate Logon Group and added the external IP address to the properties.

So the problem is, the RFC program has to call the message server instead of the gateway.

Is there a way to configure the gateway that it sends backup the FQDN instead of the internal IP?

So we can use the windows hosts file which tells the saprouter the right IP address.

Any idea?

Thanks!

Best regards,

Tobias

Show replies
Show replies
Sriram2009
Active Contributor
‎10-10-2014 6:50 PM
0 Kudos

Hi Tobias

Just add the public IP = hostname  & public IP = host name as FQDN in the Host file and then check the connection with host name not through IP

BR

SS

tobias_ptz
Participant
‎10-14-2014 11:13 AM
0 Kudos

Hi,

Do you mean the hosts file of the SAPServer or of the SAPRouter?

Thanks

Tobias

Sriram2009
Active Contributor
‎10-14-2014 11:50 AM
0 Kudos

Hi

In client system you add the local host file of

1. public IP address= SAP host name

2. public IP address = SAP host name FQDN

and then try with SAP host name

BR

SS

tobias_ptz
Participant
‎10-16-2014 2:18 PM
0 Kudos

Hi,

This is already tried!

Even if we use on client side the FQDN, we get back from the gateway the internal IP.

So i hoped there is a setting in SAP or direct in the SAP Gateway, where I can set up to send back the hostname ..

Thank you.

Tobias

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎10-08-2014 11:06 AM
0 Kudos

Moved to

Regards,

JK

Show replies
Show replies
tobias_ptz
Participant
‎10-08-2014 12:20 PM
0 Kudos

Thank you, Jitendra!

Former Member
‎10-08-2014 9:52 AM
0 Kudos

Hi Tobias,

This isn't the space for that "Gateway". This is the OData Gateway space, a diffeent beast.

R

Show replies
Show replies
tobias_ptz
Participant
‎10-08-2014 10:30 AM
0 Kudos

Hi Ron,

Oh .. hmm, damn it!

Is there some moderator out there who can move this thread to the Netweaver Administator space?

Thanks Ron, for the hint!

Best regards,

Tobias

Ask a Question