Many times we come across when our SM59 RFC connection SAPOSS or other connections related to SAPNet is not working, most of the time due to wrong password, which you we can easily correct with the correct logon data which is as follows(SAP Note 182308):
But this is not which I wanted to discuss here. Here we will check the firewall connection and how to create these RFC connections automatically.
Before we proceed, maintaining correct hostname(Use FQDN) and its correct IP that can be reached from outside of you customer network is very important.
So double checking it is best idea.
In above screen of OSS1, we have SAProuter 1 and SAProuter 2 entry filled, though filling the entry for SAProuter 1 and SAProuter 2 is not mandatory in order to work your OSS connection in SM59…. BUT from your server firewall and SAPNet firewall connection should be allowed.
Lets move to this scenario, where both SAProuter 1 and SAProuter 2 entry is filled with your customer hosts where saprouter is configured.
For discussion sake lets assume the server name is “C” where you are executing OSS1 tcode, and two other servers are host A and host B as mentioned in figure.
The flow will be C -> A -> B -> SAPNet
1. Login to server C and check the port
telnet <A IP/hostname> 3299
You should get response like below
2. Again login to host A and check port
telnet <B IP/hostname> 3299
Now, we will check in reverse direction for incoming flow
B -> A -> C
1. Login to host B and check port for A
telnet <A IP/hostname> 3299
2. Login to host A and check port for C here you have to check for your application instance number, if it is lets say 40 then
telnet <C IP/hostname> 3240
If any of the above telnet is not working then get in touch with your client network/firewall team and request them to open the port.
In this scenario, we noticed that SAProuter 2 is router which is responsible for first entry point from outside your client network, which means the firewall at host B should be open for SAPNet to enter and at the same time if it is not done earlier then you have to be in touch with SAPNet network team and request them with help of OSS message to allow entry for your host A
When we fill SAProuter 1 only not the SAProuter 2
This means that in client network host A will be entry/exit point and your application servers will be communicated with SAPNet like this
C -> A -> SAPNet
You have to check your firewall accordingly.
If all these firewall is working fine, the delete all RFC connection related to SAPNet and recreate them as follows (SAP Note 812386)
1. Transaction OSS1 ->Parameters -> Technical settings -> Change mode -> Save. The SAPOSS destination can only be updated by saving.
2. Create the RFC destinations again:
- Use the following path to create SAPNET_RTCC: SE38 -> RTCCTOOL -> list -> Refresh from SAPNet
- Use the following path to create SAPNET_RFC: SDCC -> Maintenance -> Refresh -> Session overview
- SDCC_OSS is created initially when you activate SDCCN. If you then want to create a new copy of SAPOSS, use the following path:
- SDCCN -> Goto -> Settings -> Task specific -> RFC destinations -> Change mode -> ‘Create destination to SAPNet R/3 Frontend’
Checkout this wiki for more insight about saprouter at SAPNet.
Hope this will be of help to some of us.