Internal SAP server access

Unanswered Question
Oct 27th, 2008


In my network there are 2 tier security level. Let me brief:

Internet Link->Router->Internet Firewall->Core Switch-> Server Firm Firewall->Server Firm (SAP Servers).

The requirement is: From Internet i want to access SAP Servers which are placed at Server Firm. Can someone guide me the config steps required at each firewall??

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Mon, 10/27/2008 - 07:09

In your internet firewall you will have to NAT a public IP to either the NAT IP on the Server Farm Firewall or it's real IP address, depending on whether you route or NAT your Server Farm Firewall.

Hope that helps.

acharyr123 Tue, 10/28/2008 - 00:03


Say the public Ip: 210.212.115.X & the real server farm server ip: 172.17.10.X then according to you in my internet firewall i need to do: static (inside, outside) 210.212.115.X 172.17.10.X netmask

Then what about the config in my server farm firewall? Shall i put this firewall in router mode or transparent mode??

Collin Clark Tue, 10/28/2008 - 06:24

That's your decision. Transparent mode has advantages and disadvantages.Which fits better for your farm? If you keep it in routed mode you don't have to NAT and you can "route" between your interfaces and still apply a security policy.


This Discussion