Question:
We are moving our internet connection to SAP from inside the firewall to a webserver in the DMZ.
We have narrowed the range of allowable DCOM ports per MS/SAP docs but we are having problems creating the objects themselves. The DCOM Connector program eventually times out and returns an error that it was unable to connect to (R3hostname). Since (R3hostname) is inside the firewall, it seems probable that the DMZ config is denying access through whatever port the DCOM Connector Active-X program is trying to reach R/3 and read the BOR.
We are considering removing the new webserver from the DMZ, creating the objects, and then returning the server to the DMZ. I am pretty sure this would work but it does not seem like a nuisance for the long-term solution. Does anyone have any experience creating R/3 DCOM objects with the DCOM Connector on a webserver inside their DMZ?
John (NOSPAMjmorris@central.unicor.gov)
Answer:
The connection to SAP will be on Gateway Port 33nn (nn being your SAP instance eg. 3300 is the default)
If you need load balancing you will need to open Port 36nn.
Hope that helps.