SAP R/3 login problem through tunnel

SAP R/3 login problem through tunnel

NewsGroups | Search | Tools
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
SAP R/3 login problem through tunnel gautamzone 02-22-2006
Posted by on February 22, 2006, 11:19 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi friends,

Just a peculiar problem with logging into SAP R/3 through a tunnel

Remote Clients are unable to login to SAP R/3 Ver 4.7 server at central
office. However, they are able to ping to the SAP server!!

The following are the details:

Remote End router : Cisco 2610
IOS : 12.0(5)XK1

Central office router : Cisco 1721
IOS : 12.3(5e)

A tunnel has been configured on both ends with IP address range of
10.1.1.0 / 30.
I am able to ping from one tunnel to the other.

However, with another alternative link (Leased Line) without tunnel
confuguration, the remote clients are able to access the SAP server.

I changed the MTU settings for the tunnel interfaces to 1500, but it
did not work.

I would also like to add that there is one more remote location router
with IOS 12.4(3b) that is having successful SAP server connectivity
with central office router in a tunnel configuration.

So, I strongly suspect the IOS version being a cause here. But I am not
really in a position to upgrade the IOS from 12.0 to a higher version
as I only have 8MB of flash memory.

Are there any options that I can try in this scenario? Thanks a lot for
your help in advance.

Thanks a lot
Gautam


Posted by Haitingus on February 22, 2006, 9:00 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi Gautam,

We encounter the same issue, some version of SAP put the do not fragment bit
to set. Meaning that if for some reason, the packets needs to be fragmented
(depending on the path you go through), your packet will be simply dropped.

Solution we applied was to set the MTU on the server to 1300 (maybe yuou can
fine tune this), by editing the registry.

Regards,
Marc.
> Hi friends,
>
> Just a peculiar problem with logging into SAP R/3 through a tunnel
>
> Remote Clients are unable to login to SAP R/3 Ver 4.7 server at central
> office. However, they are able to ping to the SAP server!!
>
> The following are the details:
>
> Remote End router : Cisco 2610
> IOS : 12.0(5)XK1
>
> Central office router : Cisco 1721
> IOS : 12.3(5e)
>
> A tunnel has been configured on both ends with IP address range of
> 10.1.1.0 / 30.
> I am able to ping from one tunnel to the other.
>
> However, with another alternative link (Leased Line) without tunnel
> confuguration, the remote clients are able to access the SAP server.
>
> I changed the MTU settings for the tunnel interfaces to 1500, but it
> did not work.
>
> I would also like to add that there is one more remote location router
> with IOS 12.4(3b) that is having successful SAP server connectivity
> with central office router in a tunnel configuration.
>
> So, I strongly suspect the IOS version being a cause here. But I am not
> really in a position to upgrade the IOS from 12.0 to a higher version
> as I only have 8MB of flash memory.
>
> Are there any options that I can try in this scenario? Thanks a lot for
> your help in advance.
>
> Thanks a lot
> Gautam
>



Posted by ciscodagama@gmail.com on February 23, 2006, 12:59 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Try pings with larger packet sizes to see if this is a MTU issue. Like
the last poster suggested, this could have something to do with the
don't-fragment (DF) bit having to be cleared. Check out the following
link that explains interaction between MTU and DF bit being set when
GRE is involved

http://www.cisco.com/warp/public/105/56.html

Cisco da Gama
http://ciscostudy.blogspot.com


Similar ThreadsPosted
SSH login problem December 3, 2007, 5:04 pm
router AAA login problem April 8, 2005, 3:48 pm
Login prompt problem March 27, 2007, 6:31 pm
Linksys RV082 Problem: Can "login" but can't access web based utility June 28, 2006, 10:43 am
tunnel, ospf problem November 15, 2004, 5:53 am
IPSec Tunnel Problem December 21, 2004, 3:23 pm
IPSec Tunnel problem, need help !! January 2, 2007, 4:54 am
L2TP tunnel problem July 9, 2007, 12:40 pm
Problem with GRE tunnel not coming up January 20, 2008, 2:54 am
GRE Tunnel problem with one endpoint in NAT May 1, 2008, 10:52 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map