SAP Router Installation with SNC
1,009 views
9 slides
Sep 05, 2016
Slide 1 of 9
1
2
3
4
5
6
7
8
9
About This Presentation
Simple overview of the steps required to install SAP Router with SNC.
Slide Content
SAP$Router$Installa0on$with$SNC$
• SAP$Router$is$a$program$that$acts$as$a$proxy$between$SAP$
systems$and$external$networks
• It$controls$access$to$your$network$from$external$network$
systems$such$as$SAP$AG
• It$acts$as$an$applica?on$level$gateway$and$is$useful$for$$
enhancing$an$exis?ng$firewall
• This$document$focuses$on$the$installa?on$of$SAP$Router$using$
Secure$Network$Communica?on$(SNC)$and$is$aimed$at$system$
administrators$responsible$for$seGng$up$connec?vity$from$SAP$
to$customer
Introduc0on$
systems$and$external$networks
• It$controls$access$to$your$network$from$external$network$
systems$such$as$SAP$AG
• It$acts$as$an$applica?on$level$gateway$and$is$useful$for$$
enhancing$an$exis?ng$firewall
• This$document$focuses$on$the$installa?on$of$SAP$Router$using$
Secure$Network$Communica?on$(SNC)$and$is$aimed$at$system$
administrators$responsible$for$seGng$up$connec?vity$from$SAP$
to$customer
Introduc0on$
• Download$of$the$latest$installa?on$media$for$SAP$Router$and$
the$SAP$Cryptographic$library$from$SAP$Support$Portal
• %)/+,()*$4&'*$6+(1$!"#$%&'()*$6+(1$!"#;
o obtain$public$IP$and$hostname$of$your$SAP$Router$host
o fill$in$remote$connec?on$data$sheet$from$note$28976
o raise$incident$with$SAP$under$component$XXOSERONETONEW
o SAP$will$provide$your$Dis?nguished$Name
• E.g.$CN=<SAP$Router$host>,$OU=<Customer$Number>,$OU=SAProuter,$O=SAP,$C=DE
• Prepare$SAP$Router$host
o create$a$user$e.g.$“sapadm”$in$group$sapsys
o create$and$installa?on$filesystem$e.g.$/usr/sap/saprouter
o set$ownership$of$installa?on$filesystem$to$“sapadm:sapsys”
Pre8Requisites$
the$SAP$Cryptographic$library$from$SAP$Support$Portal
• %)/+,()*$4&'*$6+(1$!"#$%&'()*$6+(1$!"#;
o obtain$public$IP$and$hostname$of$your$SAP$Router$host
o fill$in$remote$connec?on$data$sheet$from$note$28976
o raise$incident$with$SAP$under$component$XXOSERONETONEW
o SAP$will$provide$your$Dis?nguished$Name
• E.g.$CN=<SAP$Router$host>,$OU=<Customer$Number>,$OU=SAProuter,$O=SAP,$C=DE
• Prepare$SAP$Router$host
o create$a$user$e.g.$“sapadm”$in$group$sapsys
o create$and$installa?on$filesystem$e.g.$/usr/sap/saprouter
o set$ownership$of$installa?on$filesystem$to$“sapadm:sapsys”
Pre8Requisites$
Installa0on$
• Perform$the$installa?on$as$user$sapadm
• Unpack$the$so]ware$into$your$installa?on$file$system$
o SAPCAR$Oxvf$<saprouter$so]ware$archive>
o SAPCAR$Oxvf$<sapcryptographic$so]ware$archive>
• Update$environment$of$sapadm
o PATH$=$${PATH}:<installa?on$directory>
o SECUDIR$=$<installa?on$directory>
o SNC_LIB$=$<installa?on$directory>/<sapcryptographic_library>
o LD_LIBRARY_PATH$=$<installa?on$directory>
• Perform$the$installa?on$as$user$sapadm
• Unpack$the$so]ware$into$your$installa?on$file$system$
o SAPCAR$Oxvf$<saprouter$so]ware$archive>
o SAPCAR$Oxvf$<sapcryptographic$so]ware$archive>
• Update$environment$of$sapadm
o PATH$=$${PATH}:<installa?on$directory>
o SECUDIR$=$<installa?on$directory>
o SNC_LIB$=$<installa?on$directory>/<sapcryptographic_library>
o LD_LIBRARY_PATH$=$<installa?on$directory>
Registering$SAP$Router$
• Go$to$
hfps://support.sap.com/remoteOsupport/saprouter/saprouterO
cer?ficates.html
• Generate$SAP$Router$cer?ficate$request$using$dis?nguished$name$
registered$at$SAP$with$sapadm$and$command$sapgenpse
o sapgenpse$get_pse$Ov$Oa$sha256WithRsaEncryp?on$Os$2048$Or$certreq$Op$
local.pse$“<Dis?nguished$Name>”
• Copy$and$paste$the$content$of$text$file$(certreq)$created$by$
sapgenpse$into$the$SAP$support$page$and$request$cer?ficate
• Copy$and$paste$the$result$of$the$cer?ficate$request$onto$the$
saprouter$host$as$a$text$file$“srcert”$under$the$/usr/sap/saprouter$
directory
• Go$to$
hfps://support.sap.com/remoteOsupport/saprouter/saprouterO
cer?ficates.html
• Generate$SAP$Router$cer?ficate$request$using$dis?nguished$name$
registered$at$SAP$with$sapadm$and$command$sapgenpse
o sapgenpse$get_pse$Ov$Oa$sha256WithRsaEncryp?on$Os$2048$Or$certreq$Op$
local.pse$“<Dis?nguished$Name>”
• Copy$and$paste$the$content$of$text$file$(certreq)$created$by$
sapgenpse$into$the$SAP$support$page$and$request$cer?ficate
• Copy$and$paste$the$result$of$the$cer?ficate$request$onto$the$
saprouter$host$as$a$text$file$“srcert”$under$the$/usr/sap/saprouter$
directory
Import$Cer0ficate$
• Import$“srcert”$onto$saprouter$using$sapgenpse$command$
below$and$create$creden?als$for$user$“sapadm”$to$access$local$
pse
o sapgenpse$import_own_cert$Oc$srcert$Op$local.pse
o sapgenpse$seclogin$Op$local.pse$OO$sapadm
• Import$“srcert”$onto$saprouter$using$sapgenpse$command$
below$and$create$creden?als$for$user$“sapadm”$to$access$local$
pse
o sapgenpse$import_own_cert$Oc$srcert$Op$local.pse
o sapgenpse$seclogin$Op$local.pse$OO$sapadm
Create$Router$Table$
• The$SAP$Router$table$is$a$permission$file$containing$details$of$
who$can$communicate$through$the$SAP$Router
• As$“sapadm”$create$the$text$file$saproufab$under$/usr/sap/
saprouter$and$configure$similar$to$the$example$below
• The$SAP$Router$table$is$a$permission$file$containing$details$of$
who$can$communicate$through$the$SAP$Router
• As$“sapadm”$create$the$text$file$saproufab$under$/usr/sap/
saprouter$and$configure$similar$to$the$example$below
Opera0ng$SAP$Router$
• Operate$SAP$Router$with$the$user$created$for$the$installa?on
• Issue$start/stop$commands$from$the$installa?on$directory
• Start$the$SAP$Router$with$the$following$command
– saprouter$Or$OS$<port>$OG$saprouter.log$OK$"<DN>"$&$
– where:
o OK:$to$start$with$loading$SNC$library
o <DN>:$Dis?nguished$Name
o OS:$saprouter$port
o OG:$name$of$the$log$file
• Stop$the$SAP$Router$with$the$following$command
– saprouter$Os
• Operate$SAP$Router$with$the$user$created$for$the$installa?on
• Issue$start/stop$commands$from$the$installa?on$directory
• Start$the$SAP$Router$with$the$following$command
– saprouter$Or$OS$<port>$OG$saprouter.log$OK$"<DN>"$&$
– where:
o OK:$to$start$with$loading$SNC$library
o <DN>:$Dis?nguished$Name
o OS:$saprouter$port
o OG:$name$of$the$log$file
• Stop$the$SAP$Router$with$the$following$command
– saprouter$Os
Thank8you$
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 1,009
- Slides 9
- Favorites 1
- Age 3374 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views