AX2: Secure Tunnel with SAP
Task: Now you will create a Secure Tunnel between your SAP Cloud Connector and SCP
Access from any application on SAP Cloud Platform to resources on your SAP ABAP system are provided by mapping the IP address of your SAP ABAP system ( Internal Host ) to a Virtual Host.
- You provide this mapping and further attributes relevant for the connection in the ACCESS CONTROL. After the access control is set up you can use the virtual host on SAP Cloud platform to allow applications to connect to services on your ABAP system.
- In the Cloud Connector Administration UI, expand the name of your subaccount and choose Cloud To On-Premise. Above table Mapping Virtual To Internal System choose the plus sign ( Add ).
- Choose ABAP System as Back-end Type and choose Next.
We will use “HTTPS” as the protocol.
For internal host: You should use the IP address of your SAP application system. Users who are using SAP CAL system to self learn can get the Ip address by loging into your front end RDP system and accesing your SAP GUI properties.
- For internal host: 1) Login to you SAP transaction smicm and click enter. 2) Then click services services. 3) note the HTTPS port to update the internal host.
- For the virtual host you can use a desired name. For this lab you can use sapgwdemo as the virtual host. Use the same HTTPS port copied from the previous step (example 44300). Click Next
- For the principal type choose “X.509 Certificate” generic. Click Next
- You can ignore description for this lab and click Next
- As a result, you should see a summary of your settings. Here you can press finish to complete the process.
- Now that you have defined a system, it is necessary to also define which resources are available within this system. In the pop up window, add / as the URL path and choose the radio button for “Path and all sub-paths”. Make sure the “Enabled” checkbox is ticked and save.
- If you now click on the “Check availability…” icon under the “Actions” column in the “Mapping to virtual systems”, you should get a Green square in the Status column. If not click the check availability feature highlighted in the red box as shown below.