Saprouteer Installation Configuration Documentation

SAP Snc-saprouter Installation Configuration

1. Environment
centos6.5

2. Download Saprouter and Sapcryptolib_36-10010845.sar
Download the path to download the latest version of
Http://service.sap.com/swdc
Navigate to "support Packages and Patches", "Browse our Download Catalog", "Additional components" Saprou TER "
Navigate to "support Packages and Patches", "Browse our Download Catalog", "Additional components" sapcry Ptolib "

Unzip all and put it under the/opt/saprouter.

Configuring Environment variables
Useradd Sncadm
Su–sncadm
VI. bash_profile
Secudir=/opt/saprouter
Snc_lib=/opt/saprouter/libsapcrypto.so
Export Secudir Snc_lib

Vi/etc/ld.so.conf.d/sap.conf
/opt/saprouter/

Ldconfig

3. Reference documentation
Https://websmp107.sap-ag.de/saprouter-sncdoc
Https://websmp107.sap-ag.de/saprouter-sncadd

4. Send a message to SAP and apply for SNC connection to SAP support
SAP will provide a dedicated distinguished Name to generate the certificate through this DN
Here's what SAP gave me: CN=SLM, ou=0001134674, Ou=saprouter, O=sap, c=de
Su–sncadm
Cd/opt/saprouter
./sapgenpse Get_pse-v-R certreq-p local.pse "CN=SLM, ou=0001134674, Ou=saprouter, O=sap, C=de"
#PIN不要设置
./sapgenpse get_pse-v-onlyreq-r certreq-p local.pse

#请求SAP证书
Https://websmp107.sap-ag.de/saprouter-sncadd
Cat CertReq #将这个复制到上面网址进行操作
Copy the generated certificate to 1.txt.
VI 1.txt
Import Certificate
./sapgenpse import_own_cert-c 1.txt-p Local.pse
Successful import:
Ca-response successfully imported into PSE "/opt/saprouter/local.pse"

5. Add Users
./sapgenpse seclogin-p Local.pse-o Sncadm

6. Verify that the configuration is OK
./sapgenpse get_my_name-v-N Issuer

The correct output will be the following:
Issuer:cn=saprouter CA, Ou=saprouter, O=sap, c=de

7. Configure Saprouttab
VI Saprouttab
# SNC connection to and from SAP
KT "P:cn=sapserv9, Ou=saprouter, O=sap, c=de" 169.145.197.110 *

# SNC connection to local system for R/3-support
# R/3 server:192.168.1.1
# R/3 instance:00
KP "P:cn=sapserv9, Ou=saprouter, O=SAP, c=de" * 3200

# Access from the local network to SAP
P * 169.145.197.110 3299

# SNC connection to local Portal system for URL access, if applicable
# Portal Server:myserver.mydomain
# Port number:50003
KP "P:cn=sapserv9, Ou=saprouter, O=sap, c=de" Slm.kemiya.net 50003

# Access All
P * * *

# Deny all other connections
D * * *

8. Start Saprouter
Cd/opt/saprouter
Screen./saprouter-r-S 3299-k "p:cn=sapserv9, Ou=saprouter, O=sap, C=de"

9. Testing
./niping-c-h/h/113.105.144.50/h/169.145.197.110/h/localhost

Mon June 23 11:42:42 2014
Connect to Server O.K.

Mon June 23 11:42:43 2014
Send and receive messages (Len 1000)

——-times-–
Avg 48.726 MS
Max 49.472 ms
Min 47.557 ms
TR 40.084 kb/s
Excluding Max and min:
Av2 48.779 ms
TR2 40.040 kb/s

SAP Messages Content
SNC Router Connection
ip:113.105.144.50
SAP Router port:3299
Hostname:slm.kemiya.net
customernumber:s0007231085
Installation number:0020708951

Complete