AX2: Secure Tunnel with SAP

Task: Now you will create a Secure Tunnel between your SAP Cloud Connector and SCP

Access from any application on SAP Cloud Platform to resources on your SAP ABAP system are provided by mapping the IP address of your SAP ABAP system ( Internal Host ) to a Virtual Host.

  • You provide this mapping and further attributes relevant for the connection in the ACCESS CONTROL. After the access control is set up you can use the virtual host on SAP Cloud platform to allow applications to connect to services on your ABAP system.

Steps:

  1. In the Cloud Connector Administration UI, expand the name of your subaccount and choose Cloud To On-Premise. Above table Mapping Virtual To Internal System choose the plus sign ( Add ).

Preparation menu

  1. Choose ABAP System as Back-end Type and choose Next.

Preparation menu

  1. We will use “HTTPS” as the protocol.

  2. For internal host: You should use the IP address of your SAP application system. Users who are using SAP CAL system to self learn can get the Ip address by loging into your front end RDP system and accesing your SAP GUI properties.

Preparation menu

  • For internal host: 1) Login to you SAP transaction smicm and click enter. 2) Then click services services. 3) note the HTTPS port to update the internal host.

Preparation menu

  1. For the virtual host you can use a desired name. For this lab you can use sapgwdemo as the virtual host. Use the same HTTPS port copied from the previous step (example 44300). Click Next

Preparation menu

  1. For the principal type choose “X.509 Certificate” generic. Click Next

Preparation menu

  1. You can ignore description for this lab and click Next

Preparation menu

  1. As a result, you should see a summary of your settings. Here you can press finish to complete the process.

Preparation menu

  1. Now that you have defined a system, it is necessary to also define which resources are available within this system. In the pop up window, add / as the URL path and choose the radio button for “Path and all sub-paths”. Make sure the “Enabled” checkbox is ticked and save.

Preparation menu

  1. If you now click on the “Check availability…” icon under the “Actions” column in the “Mapping to virtual systems”, you should get a Green square in the Status column. If not click the check availability feature highlighted in the red box as shown below.

Preparation menu