Help with the configuration of the communication between two SAP systems, each one being located at one end of a NATed network topology.
This page contains an example of NATed topology, and the settings that need to be performed to configure an RFC communication between two SAP systems located at different ends of a NATed network environment.
Details of the example of topology
This section contains the example of topology that will be used to illustrate which settings need to be performed for the RFC communication to work on a NATed environment. The IP addresses and NAT mappings must be adjusted according to your own network.
Both the source system (SRC) and the target system (TRG) have two instances running on dedicated servers. Each server will have its own IP address, of course. However, each server must also have its own external (NAT) IP address.
The routing details will not be addressed. You must ensure that when the SRC system sends data to the external (NAT) IP of the TRG system, this data finds its path through the network.
If you want to use hostnames instead of IP addresses, you must also ensure that when the SRC system performs a DNS query to get the IP address of a particular TRG server, the external (NAT) IP is returned.
Settings at the SAP systems
The parameter "gw/alternative_hostnames" must contain the external (NAT) IP address that is mapped to the local SAP server. Assuming that the parameter is not currently set on any of the four involved SAP instances, the table below shows to which value it must be set at each instance:
The parameter "rdisp/use_rfc_dest_lookup" must be set to "ON" (in uppercase letters) on all four involved instances. This parameter requires an instance restart to become active.
At the target (TRG) system, you must create the "SRC@BACK@" RFC destination at the transaction SM59 (see the SAP note 555162). It must be an ABAP destination (type = 3), and the following table shows which values should be set at the fields under the "Technical settings" tab. There is no need to set any other option, under any other tab, for this "@BACK@" destination.
10.50.20.35 (the internal IP address!)
172.16.20.35 (the external – NAT – IP address!)
At the SRC system, the RFC destination that points to the target system must have the following settings under the “Technical settings” tab:
10.20.10.50 (the internal IP address!)
172.26.200.50 (the external – NAT – IP address!)
The connection from SRC to TRG should work now.
If the source system is not an SAP system, but an RFC-enabled program, then you just need to point it to the external (NAT) IP address, besides configuring the "gw/alternative_hostnames" parameter at the SAP system.
It is not possible to use load balance in NATed environments. Refer to the SAP note 1418278.
SAP note 21151: Multiple Network adapters in SAP Servers
SAP note 555162: Asynchronous RFCs with a dialog using a SAP router
SAP note 1033987: Remote login using NAT or SAP router fails
SAP note 1418278: RFC load distribution does not work via NAT