cancel
Showing results for 
Search instead for 
Did you mean: 

RFC_COMMUNICATION_FAILURE for SNC Connection

jongilman
Explorer
0 Kudos
4,189

We have an external application making RFC calls into our SAP system without a problem. However, we have now decided to use SSO with Active Directory for user authentication. The user logs in to an ADFS service and the SAML response containing the user's X509 certicate is then sent through our application to SAP. For some reason port 4800 is not running on our SAP server. The error we are getting is below:

RFCCommunicationError: RFC COMMUNICATION ERROR: RFC connection open failed/ 1 / RFC_COMMUNICATION_FAILURE /

LOCATIONCPIC (TCP/IP) on local host with Unicode

ERROR partner '192.168.204.102:4800' not reached

TIMEMon Mar 26 10:24:33 2018

RELEASE 720

COMPONENT NI (network interface)

VERSION 40

RC-10

MODULEnibuf.cpp

LINE4658

DETAILNiBufIConnect: connection pending after 60000ms

SYSTEM CALL connect

ERRNO 115

ERRNO TEXTOperation now in progress

COUNTER 2

Here are the connection parameters we are using:

{

"lang": "EN",

"client": "010",

"ashost": "192.168.204.102",

"gwhost": "sapeccdb101",

"gwserv": "sapgw00",

"sysid": "DEV",

"snc_lib": "/home/ubuntu/sec/libsapcrypto.so",

"snc_mode": "1",

"extidtype": "UN",

"extiddate": "< user name >"

"x509cert": "< base64 encoded user certificate >"

"snc_myname": "< our app's canonical name >",

"snc_partnername": "< sap server's canonical name >"

}

I have confirmed that the process sapgw00s is not running. I've also confirmed that our users are using SAP's Secure Login Client for SNC connections into SAP, but that the SNC traffic for the GUI is flowing over port 3200. I was under the impression that SNC GUI traffic flowed over port 4700. How do you control the ports over which SNC traffic flows?

View Entire Topic
oppancs
Contributor
0 Kudos

Please try tje followings:

1. Check the profile parameter snc/enable on your application servers. On the CI probably it is turned off, as result there is no service sapgw00s on the application server and when the other application server is trying to reach this the connection fails. For more see the following document: http://help.sap.com/saphelp_nwpi71/helpdata/en/ed/fb958dd978458e99168d43f408665e/frameset.htm

2. Verify if the AS Java is able to reach the hostname using OS commands (i.e. ping, traceroute, nslookup) from the affected system. If not, please ask for internal IT team assistance to verify the resolution for the hostname issue at OS level.

3. If everything seems ok, try connect to hostabc2 and sapgw02 from where the error occurs (hostabc1):
niping -c -H hostabc2 -S 3302
Check also if the host and port are resolved to the correct value
(also on the host where the error occurs - in this example hostabc1)
> niping -v -H hostabc2
> niping -v -S sapgw02
If these tests are not successful then the config of the ports/services that are used must be checked