SAP/R3 traffic and IPSec.....

Discussion in 'Cisco' started by Masud Reza, Nov 16, 2003.

  1. Masud Reza

    Masud Reza Guest

    Hi All:

    Does anyone have good docs on the type of traffic SAP/R3 has?. What
    type of transport protocols are used? tcp udp etc?

    I want to tunnel the SAP traffic through an IPSec tunnel since the
    traffic is critical and confidential.

    Any pointers would be helpful.

    Thanks to all who reply.

    Masud
     
    Masud Reza, Nov 16, 2003
    #1
    1. Advertisements

  2. :Does anyone have good docs on the type of traffic SAP/R3 has?. What
    :type of transport protocols are used? tcp udp etc?

    :I want to tunnel the SAP traffic through an IPSec tunnel since the
    :traffic is critical and confidential.

    The documentation says tcp 3200-3399, but in practice (here at least)
    it's tcp 3202 or 3602 (one of them for /R4, but I'm not sure which.)

    Then there's something or other to do with printing, for which we
    had to open tcp 3216 at one point.

    Speaking of printing: as I recall, /R3 requires direct access from
    some of the SAP servers to remote printers, tcp 515 or tcp 9100 --
    that is, incoming -to- the printers. /R4 as I recall can use that, but
    it can also use locally attached printers somehow.

    My readily-accessible notes don't indicate why, but at times we
    found it easiest just to permit *all* tcp connections to the SAP
    systems. I gather that the 3602 and 3202 ports that I listed above
    are not completely fixed, but are related to the "service" selected
    in the SAP connection parameters.


    One thing you can pretty much count on: if you have one SAP server,
    then one day not long from now, one of your users will call you up
    irritated because they can't get access to a completely different SAP
    server that your SAP staff "forgot to mention"; or, even more likely,
    that one day -no one- will be able to get access to SAP because they
    cut over to a new version and didn't think about the effect of
    firewalls.
     
    Walter Roberson, Nov 16, 2003
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.