RI registration

Guest · May 12, 2004, 2:56am

Hi all,

I am setting up a RI/internal server architecture. I installed SAP BC 46 on both servers. I created a SOCK listener at port 443 on the RI server (in my DMZ) . Now I am trying to register it on the internal server. If i try to register it the Internal server tells me “Unable to register any Reverse Connection with alias”. I can telnet the RI from then internal on 443, but for some reason I am not able to register it.
Can anybody help me with this issue?

Thanks
Michele

Jordy · May 12, 2004, 4:16pm

Michele,

You will need to create a SOCK listener on another port then 443, since this port is used by the internal server to connect over. 443 will be the proxy port you create on the RI server for external parties to connect to. You will also need to create a remote alias that points to your RI server (using the port registered for SOCK).

-Jordy

Guest · May 12, 2004, 7:11pm

Jordy,

thank you very much for your help.

My RI server has two ports: 443 SOCK where the listener is running and a 5556 HTTP listening for external parties.
My Internal server has a remote alias configured to talk to the RI (IP address) on port 443 (where the RI is listening). The authetication method used by the remote alias is User/password.
Still I can’t register the Reverse Connection.
Is there an issue if I listen to extenal parties with 5556?
Why the registration doesn’t take place…is there something extra I have to do?

Thank you very much for your help…

Michele

Jordy · May 12, 2004, 8:01pm

Michele,

I think we need to see more detail of the error you are getting, right now you are only sharing the error seen on the Admin UI when trying to register a reverse invoke conn. Could you increase the logging and see what the underlying error is? Also have you tried to register another port than 443? This since 443 is usually for HTTPS traffic.

Let me know.
-Jordy

Guest · May 12, 2004, 8:31pm

Jordy,

I raised the logging level to 10 (facilities: 0079 Reverse Invoke and 0080 Asynchronous Connection API)…and what a surprise I got this trace:

2004-05-12 09:23:26 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:registerReverseConnections begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:registerReverseConnections ok
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.remote:serverList begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.remote:serverList ok
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.net.listeners:ListenerAdmin begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.net.listeners:ListenerAdmin ok
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:listRegisteredConnections begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:listRegisteredConnections ok
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:getSecurityConfiguration begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:listRegisteredConnectionsok
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:listRegisteredConnections begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.security.revInvoke:getSecurityConfiguration ok
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.portAccess:getPort begin
2004-05-12 09:23:27 CDT 2CQqD+xvxy8pdi6JuCyYL|M9kjDI=555591
3291150 wm.server.portAccess:getPort ok

It seems ok, indeed the message from the UI console is still “Unable to register any Reverse Connection with alias”.

I didn’t try to register other SOCK port then 443, because this is the only one that our network group allow to be open.

I really appreciate you help…thank you very much.

Michele

Jordy · May 12, 2004, 8:49pm

Michele,

There could be another conflicting alias that is not working properly that it’s trying to use underneath. What you could do is remove the cnf files (revInvoke-connList) or something similar from the config folder (first shutdown) I think there are 2 related files. Then re-register the connections (creating the alias again). Safest way is to make a backup of the cnf files.

-Jordy

Guest · May 12, 2004, 11:34pm

Jordy,

I stop the SAP BC, I deleted two files
remote.cnf
revinvoke-auth.cnf
I restarted the SAP BC.
I created the remote serever and repeated the registration unsuccessfully. I noticed that just the remote.cnf have been recreated (!?).
I created also with a fancy remote sever with a fancy IP address and the system is correctly complaining in the log about it, when I try to register it…
Might be that the authentication method is wrong? In the IS I specified Administrator/password of the RI box…is this correct?

Again thank for your valuable help.

Ciao
Michele

Jordy · May 13, 2004, 12:38pm

Michele,

Do you see a revInvoke-connList.cnf anywhere in there? Admin user & password should be fine.

-Jordy

Guest · May 14, 2004, 3:58am

Jordy,

i found out that the file remote.cnf didn’t had the proper IP address. I correct it and I was able to register the RI correctly.

I guess that sometime during the troubleshooting it got it wrong and that was actually the cause of the problem.

Thank you very much for your help, indeed.

Michele