Skip to Content

Issue :

Error from dev_jrfc.trc file

================================================

LOCATION SAP-Gateway on host <hostname>

ERROR registration of tp <Jco destination name> from host

<hostname> not allowed

TIME Fri May 10 10:30:58 2013

RELEASE 720

COMPONENT SAP-Gateway

VERSION 2

RC 720

MODULE gwxxrd.c

LINE 3642

COUNTER 6303

Return code: RFC_FAILURE(1)

error group: 102

key: RFC_ERROR_COMMUNICATION

Solution :

As of 720 kernel, registration of external server program is controlled by profile parameters gw/acl_mode, gw_reg_info and gw/sec_info.

For security reasons, SAP has made it mandatory to use gw/reg_info and gw/sec_info to allow any external program to get registered on host.

So, entries of the host wanting to register program in gateway, has to be maintained in the file reg_info and sec_info.

Location of these files is maintained using gw/reg_info and gw/sec_info profile parameter.

If the files are created without any entries, then no external server is allowed to register external programs. If files are created then entries for the servers has to be maintained.

If the files are not created, then parameter gw/acl_mode can be used to control registration of external programs on the system.

gw/acl_mode = 0 will allow registration of external server program

gw/acl_mode = 1 will not allow registration of external server programs and you need to maintain reg_info and sec_info files.

More information about the same can be found in below SAP notes :

Note 1408081 – Basic settings for reg_info and sec_info

Note 1069911 – GW: Changes to the ACL list of the gateway (reginfo)

To report this post you need to login first.

8 Comments

You must be Logged on to comment or reply to a post.

  1. Aidan Hanet

    Hi,

    The gateway security loggingis very usefull to pin point ACL related errors. It isn’t activated by default.

    To activate it: SMGW => Goto => Expert Functions => Logging => you will get the screen where you can choose what you want to log.

    For “denied ACL errors” the most usefull is the Security (Rejected Accesses Only).

    To check the log you need to click on the display file icon just on the right of the log file name.

    Krs,

    Aidan

    (0) 

Leave a Reply