Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Internal SAP server access

Hi,

In my network there are 2 tier security level. Let me brief:

Internet Link->Router->Internet Firewall->Core Switch-> Server Firm Firewall->Server Firm (SAP Servers).

The requirement is: From Internet i want to access SAP Servers which are placed at Server Firm. Can someone guide me the config steps required at each firewall??

3 REPLIES

Re: Internal SAP server access

In your internet firewall you will have to NAT a public IP to either the NAT IP on the Server Farm Firewall or it's real IP address, depending on whether you route or NAT your Server Farm Firewall.

Hope that helps.

New Member

Re: Internal SAP server access

Hi,

Say the public Ip: 210.212.115.X & the real server farm server ip: 172.17.10.X then according to you in my internet firewall i need to do: static (inside, outside) 210.212.115.X 172.17.10.X netmask 255.255.255.255.

Then what about the config in my server farm firewall? Shall i put this firewall in router mode or transparent mode??

Re: Internal SAP server access

That's your decision. Transparent mode has advantages and disadvantages.Which fits better for your farm? If you keep it in routed mode you don't have to NAT and you can "route" between your interfaces and still apply a security policy.

186
Views
0
Helpful
3
Replies
CreatePlease to create content