Sometimes you face problem with your SAPRouter hence you can not connect to OSS. Please follow steps below to diagnose what really happen to your SAPRouter.
1. Ping sapserv2 (194.39.131.34) from your SAProuter. If you get time out error, it means your saprouter can not connect to the OSS server.
2. Please check your saprouttab file. This file containts the perrmission and deny connection from or to sapserv2. You edit this file and add manually your connection if you need it.
If your SAPRouter is a SNC connection, please proceed additional steps below to check the validity of SNC certificate.
1. Run command sapgenpse
2. Run command sapgenpse get_my_name
3. Run command sapgenpse get_my_name -v -n Issuer
4. Run command sapgenpse seclogin –l
5. Run command sapgenpse get_pse -v -r certreq -p local.pse "CN=hostname, OU=unique number, OU=SAProuter, O=SAP, C=DE"
6. Run command sapgenpse import_own_cert -c srcert -p local.pse
7. Run command sapgenpse seclogin -p local.pse
8. Run command sapgenpse get_my_name -v -n Issuer
9. Run command sapgenpse get_my_name
Thursday, November 20, 2008
Friday, November 14, 2008
Hotel Bidakara
Mungkin lo2 pada bingung baca judul postingan gua....sebenarnya gak ada yang namaya Hotel Bidakara..yang ada Bidakara Tower....
Gua nulis gitu untuk menggambarkan keadaan gua saat ini dimana gua harus stay in this building till Sunday....
Emang gua lagi ngapain? Apalagi klo bukan kerja...kerja di atas rata-rata jam kerja orang normal, suka masuk pas weekend, susah mengatur WLB (work life balance) adalah keaadan gua saat ini sebagai seorang konsultan...
Mungkin bagi kalian yang masih muda (kaya udah tua aja guanya) alias yang masih kuliah..mendengar kata konsultan mungkin sesuatu yang wah...memang, ada kebanggaan tersendiri bagi lo klo lo disebut sebagai seorang konsultan...cuman klo lo2 pada udah di dalam, jadi seorang konsultan itu sangat berat, susah untuk bagi waktu antara kerjaan dan kehidupan lo yang lain...jadi..klo mau jadi konsultan berpikirlah masak2.
Back to my condition now...gua harus stay in here karena gua harus ngelakuin export dan import database SAP...kerjaannya sebenarnya cuman nungguin sistem..make sure nothing error occurs and fix the problem as sooon as possible.
Gua sendiri berharap gak ada error yang muncul, jadi gua bisa tidur bentar dan bisa mengumpulkan tenaga untuk esok hari....buat temen2 yang lain selamat menikmati malam ini dan week end esok...
Gua nulis gitu untuk menggambarkan keadaan gua saat ini dimana gua harus stay in this building till Sunday....
Emang gua lagi ngapain? Apalagi klo bukan kerja...kerja di atas rata-rata jam kerja orang normal, suka masuk pas weekend, susah mengatur WLB (work life balance) adalah keaadan gua saat ini sebagai seorang konsultan...
Mungkin bagi kalian yang masih muda (kaya udah tua aja guanya) alias yang masih kuliah..mendengar kata konsultan mungkin sesuatu yang wah...memang, ada kebanggaan tersendiri bagi lo klo lo disebut sebagai seorang konsultan...cuman klo lo2 pada udah di dalam, jadi seorang konsultan itu sangat berat, susah untuk bagi waktu antara kerjaan dan kehidupan lo yang lain...jadi..klo mau jadi konsultan berpikirlah masak2.
Back to my condition now...gua harus stay in here karena gua harus ngelakuin export dan import database SAP...kerjaannya sebenarnya cuman nungguin sistem..make sure nothing error occurs and fix the problem as sooon as possible.
Gua sendiri berharap gak ada error yang muncul, jadi gua bisa tidur bentar dan bisa mengumpulkan tenaga untuk esok hari....buat temen2 yang lain selamat menikmati malam ini dan week end esok...
Wednesday, November 12, 2008
SAP Router Installation
On this posting, I’ll try to explain about how to install and configure SAProuter and also how to set your SAProuter to match with Secure Network Communication (SNC) just SAP want to if they have to support you.
The first thing you need to do, is to send a customer message to SAP Support(component XX-SER-NET-OSS-NEW) and tell them to register the hostname and IP of your new SAProuter.
You have to register it with a official IP address (no internal IPs allowed), but it’s allowed to use NAT in the firewall/router.
After you’ve received a confirmation from SAP that your SAProuter has been registered, you are ready to configure your SAProuter.
If your SAProuter directory is C:\usr\sap\saprouter, below the steps you can follow.
Note: You will be asked for a PIN code. Just pick your own 4 numbers, but
you’ll have to use the same PIN every time you’re asked to enter one.
1. Set 2 environment variables: SECUDIR and SNC_LIB according to the
guide you’ve downloaded.
2. Download the SAP Crypto Library and unpack it into C:\usr\sap\saprouter
3. To generate a certificate request, run the command:
sapgenpse get_pse -v -r C:\usr\sap\saprouter\certreq -p C:\usr\sap\saprouter\local.pse “”
4. Then you have to follow the guide and request the certificate from
http://service.sap.com/tcs -> Download Area -> SAProuter Certificate
5. Create a file C:\usr\sap\saprouter\srcert and copy the requested
certificate into this file. The run the command:
sapgenpse import_own_cert -c C:\usr\sap\saprouter\srcert -p C:\usr\sap\saprouter\local.pse
6. To generate credentials for the user that’s running the SAProuter service, run command:
sapgenpse seclogin -p C:\usr\sap\saprouter\local.pse -O
(this will create the file “cred_v2″)
7. Check the configuration by running command:
sapgenpse get_my_name -v -n Issuer
(This should always give the answer “CN=SAProuter CA, OU=SAProuter,
O=SAP, C=DE”)
8. Create SAProuter service on Windows with the command:
ntscmgr install SAProuter -b C:\usr\sap\saprouter\saprouter.exe -p
“service -r -R C:\usr\sap\saprouter\saprouttab -W 60000 -K
^p:^”
9. Edit the Windows Registry key as follows:
MyComputer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAProute
r\ImagePath –> Change both ^ to “
10. Start the SAProuter service
11. Enter the required parameters in OSS1 -> Technical Settings
———————————————————————————
Installation on UNIX
———————————————-
1. Create the subdirectory saprouter in the directory /usr/sap/.
2. Get the latest version of the SAProuter from the SAP Service Marketplace (service.sap.com/patches). Choose Support Packages and Patches ® Entry by Application Group ® Additional Components ® SAPROUTER. The SAProuter is in packet saprouter*.SAR; the program niping is also in this packet. Copy programs saprouter and niping to the newly created directory /usr/sap/saprouter.
If you cannot copy the programs from SAP Service Marketplace, you can copy a version (may be obsolete) from your directory /usr/sap//SYS/exe/run.
3. (Optional) If you want to start the SAProuter on the same computer used for an SAP instance, insert the following line into file /usr/sap//SYS/exe/run/startsap:
#
# Start saprouter
#
SRDIR=/usr/sap/saprouter
if [ -f $SRDIR/saprouter ] ; then
echo “\nStarting saprouter Daemon “ | tee -a $LOGFILE
echo “—————————-“ | tee -a $LOGFILE
$SRDIR/saprouter -r -R $SRDIR/saprouttab \
| tee -a $LOGFILE &
fi
Insert the lines before the commands to start the SAP instance.
Normally the SAProuter runs on a different computer. If this is so, this step is omitted and you start the SAProuter as described in Starting the SAProuter.
4. Maintain the route permission table in directory /usr/sap/saprouter. If you want to keep it in another directory or under a name other than saprouttab, you must specify this with the SAProuter option -R (see Option R ).
This should help in SAP Router configuration and installation. Step forward, guys.
The first thing you need to do, is to send a customer message to SAP Support(component XX-SER-NET-OSS-NEW) and tell them to register the hostname and IP of your new SAProuter.
You have to register it with a official IP address (no internal IPs allowed), but it’s allowed to use NAT in the firewall/router.
After you’ve received a confirmation from SAP that your SAProuter has been registered, you are ready to configure your SAProuter.
If your SAProuter directory is C:\usr\sap\saprouter, below the steps you can follow.
Note: You will be asked for a PIN code. Just pick your own 4 numbers, but
you’ll have to use the same PIN every time you’re asked to enter one.
1. Set 2 environment variables: SECUDIR and SNC_LIB according to the
guide you’ve downloaded.
2. Download the SAP Crypto Library and unpack it into C:\usr\sap\saprouter
3. To generate a certificate request, run the command:
sapgenpse get_pse -v -r C:\usr\sap\saprouter\certreq -p C:\usr\sap\saprouter\local.pse “”
4. Then you have to follow the guide and request the certificate from
http://service.sap.com/tcs -> Download Area -> SAProuter Certificate
5. Create a file C:\usr\sap\saprouter\srcert and copy the requested
certificate into this file. The run the command:
sapgenpse import_own_cert -c C:\usr\sap\saprouter\srcert -p C:\usr\sap\saprouter\local.pse
6. To generate credentials for the user that’s running the SAProuter service, run command:
sapgenpse seclogin -p C:\usr\sap\saprouter\local.pse -O
(this will create the file “cred_v2″)
7. Check the configuration by running command:
sapgenpse get_my_name -v -n Issuer
(This should always give the answer “CN=SAProuter CA, OU=SAProuter,
O=SAP, C=DE”)
8. Create SAProuter service on Windows with the command:
ntscmgr install SAProuter -b C:\usr\sap\saprouter\saprouter.exe -p
“service -r -R C:\usr\sap\saprouter\saprouttab -W 60000 -K
^p:^”
9. Edit the Windows Registry key as follows:
MyComputer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAProute
r\ImagePath –> Change both ^ to “
10. Start the SAProuter service
11. Enter the required parameters in OSS1 -> Technical Settings
———————————————————————————
Installation on UNIX
———————————————-
1. Create the subdirectory saprouter in the directory /usr/sap/.
2. Get the latest version of the SAProuter from the SAP Service Marketplace (service.sap.com/patches). Choose Support Packages and Patches ® Entry by Application Group ® Additional Components ® SAPROUTER. The SAProuter is in packet saprouter*.SAR; the program niping is also in this packet. Copy programs saprouter and niping to the newly created directory /usr/sap/saprouter.
If you cannot copy the programs from SAP Service Marketplace, you can copy a version (may be obsolete) from your directory /usr/sap//SYS/exe/run.
3. (Optional) If you want to start the SAProuter on the same computer used for an SAP instance, insert the following line into file /usr/sap//SYS/exe/run/startsap:
#
# Start saprouter
#
SRDIR=/usr/sap/saprouter
if [ -f $SRDIR/saprouter ] ; then
echo “\nStarting saprouter Daemon “ | tee -a $LOGFILE
echo “—————————-“ | tee -a $LOGFILE
$SRDIR/saprouter -r -R $SRDIR/saprouttab \
| tee -a $LOGFILE &
fi
Insert the lines before the commands to start the SAP instance.
Normally the SAProuter runs on a different computer. If this is so, this step is omitted and you start the SAProuter as described in Starting the SAProuter.
4. Maintain the route permission table in directory /usr/sap/saprouter. If you want to keep it in another directory or under a name other than saprouttab, you must specify this with the SAProuter option -R (see Option R ).
This should help in SAP Router configuration and installation. Step forward, guys.
Subscribe to:
Posts (Atom)
