Hi Gurav,
I tried to add the snc/identity/as, but it haven’t worked. I have tried to add the same DN as providing to SAP and mentioned above, or I have tried to supply it the DN from STRUST transaction "CN=SM1, OU=I0020811359, OU=SAP Web AS, O=SAP Trust Community, C=DE“, it has worked neither.
add 1. yes, I have saprouter running on internal address and the port 3299 is forwarded to the external IP. I have found out, that there has been one problem. The router had 2 addresses so every request from saprouter went out through 192.168.200.10, but from outside to the saprouter came from 192.168.200.186. I figured out it might be a problem and asked our virtual machine provider to let only one IP so it is ok now. I have restarted the SLES, SAP and saprouter. Tried again and still the same error,
add 2. from internal ip/name resolution, from external network only the IP,
add 3. yes, sapdp00 through 99 is there, but sapdp00 is 3200/tcp
I have also tried to use different sapcryptolib. I have the newest and tried to download the „common“ one, but I get different error which is more or less the same:
NiIRead: hdl 17 received data (rcd=778,pac=1,MESG_IO)
->> SncProcessInput(snc_hdl=0xcb2db0, ibuf=0xcbc6f8, ilen=2222, &obuf=0x7fff2e70b8a8,
&olen=0x7fff2e70b8b8, &backbuf=0x7fff2e70b6a0, &backlen=0x7fff2e70b6b0)
*** ERROR => SncPEstablishContext() failed for target='p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE' [sncxxall.c 3386]
*** ERROR => SncPEstablishContext()==SNCERR_GSSAPI [sncxxall.c 3352]
GSS-API(maj): Miscellaneous failure
GSS-API(min): A2200202:Actual server name differs from requested one.
Unable to establish the security context
target="p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE"
<<- SncProcessInput()==SNCERR_GSSAPI
*** ERROR => NiSncIProcIn: SncProcessInput failed (sncrc=-4;cb2db0;2222) [nisnc.c 1010]