Register Login

What is SAP Router?

Updated May 18, 2018

SAP Router Definition

SAProuter is an SAP program which behaves as an intermediate station or proxy between SAP systems and external networks. It controls the access to our network and protects our SAP network against unauthorized access. It normally installed on the system with the firewall.

The use of saprouter means that a client will first connect to saprouter. SAProuter then connects to an additional SAProuter or to a SAP server.

Characteristics of SAPRouter:

1.Maintain our systems in the Market Place

2. SAP able to connect and we need to provide authentication

3. SAP Router provides the authorization and we need to provide the authentication.

The password will be visible [   ].

SAP router side will restrict the user.

Market place > connect to SAP
> R/3 Support
> Open connection

Take out the access from SCC4, SE38, SA38...

SAP Router is an executable which is used to restrict the access to the customer systems over the network. It works like a firewall/ proxy to permit and deny the access to the SAP systems.

It needs to be configured before implementation Part of SAP.
RMMAIN t-code only in SOLMAN

Implementation Road Map > Technical Infrastructure Planning > Order for Remote Connection to SAP

Project Preparation Phase

SAP Router

1. Create message to SAP along with your SAP Router [Hostname], IP Address and Customer Number (SAP Router need not be installed on Solution Manager /DEV/ QAS/ PRD. 

It can be installed on any desktop, but it is advised to install on SOLMAN system to ensure that it is monitored periodically.

Cust Number: When we buy SAP we will be provided with the customer number.

.SAR - SAP Archive
.CAR - Compressed Archive

Kernel comes with .SAR only

[Global Host] - DB - Central Instance - Dialogue InstanceUsrsap

2. SAP responds with the distinguished name.

3. Create SAP Router directory and copy the executables from exeucNTi386 or download from the market place. ( copy only SAPCAR.exe, SAPROUTER.exe and NIPPING.exe

4. Download the Cryptography files from Market place related to OS and bit version (Download *.SAR files)

5. Uncar the files into SAPRouter directory

6. sapgenpse......... executable used to generate the personal security environment.
SAPROUTETAB is a file (without any extension) used to have ACL (Access Control List) S - Secure; P - Permit; D - Deny; K -SNC (Secure network connection)

7. Generate the certificate using distinguished "DN" name with executable SAPGENPSE.

8. Copy and Paste certificate from Begin to End the market place url/Saprouter-SNCADD

9. Request a certificate from the market place copy into srcert.

10. Import the certificate into router system using SAPGENPSE

11. Start the router using command saprouter -r -k "DN"

12. Goto SMP ---- Report Error --- Connect to SAP

Select the system - Maintain System Data -- Download service connector -- Maintain Router details ------- Start service connector -- Open connection by selecting the service---- Specify no of days and hours. Similarly, maintain all the other systems in the landscape. Inform SAP to connect to our systems.

13. On each backend system, we need to maintain the RFC details in OSS1 Transaction. It will update SAPOSS RFC Connection.

SAPOSS, SAP-OSS, SAPSNOTE are created on communicating with the Market Place.


  • 23 Sep 2010 12:30 pm rekha Best Answer

    SAP Router u have to configure it through SAP Service market place and apply for the license and it will let u to download the notes from SAP service market place and u can access the SAP GUI from home or any place with internet from ur laptop You should be able to see this SAPRouter in the Service Marketplace now.

    1. logon to the SAP Service Marketplace with your S-user (internet explorer:

    2. Change to the alias SAPROUTER-SNCADD (

    3. There you should see -Software -Certificates First you have to download the crypto-Software from the SAP Service Marketplace.

    Please check if it is possible for you to download the software. You can do that if you press the button 'Software'. You should get a note (Export Control Regulation). You are not allowed at the moment if you can't see a boutton 'I agree' in this screen. If you can't see the button 'I agree' then please follow the instructions on the page in the Service Marketplace ( Trust Center Service, not yet registered) and contact your local SAP contract administration and request the access to this page.They will initiate the further steps.

  • 23 Sep 2010 12:29 pm rekha Helpful Answer
    You can find two Sap router files in SAp - one in the Server in the
    Run Folder - second one while instaling the GUI. SAP Router or
    saproutr files actually helps the Sap to connect to another Sap system
    which in turn is connected to Routing Table.To be more clear SAPRouter
    files connects SAP with Router.

    To configure SAP Router you need use SAP String's explained below in
    my mail as attached.

  • 23 Sep 2010 12:32 pm rekha Helpful Answer
    Hi all,
    I want to send message to register Host Name and IP for SAPROUTER.I am using ECC 6.0 with Oracle 10g database.
    But I unable to do so.Please tell me step by step procedure to send message.
    It's urgent.
  • 23 Sep 2010 12:34 pm rekha Helpful Answer
    The question is very good - Please open SAPROUTR Files under Run Folder and then contact you System/Network Administrator
    then follow the steps.
    Its not possible to explain the complete issue. If I try to narate the issue then the Online security issues
    may crop up.

    One have to check all the security settings before configuring the SAP Router File dear.

  • 23 Sep 2010 12:28 pm rekha
    A route string describes the stations of a connection required between
    two hosts. A route string has the syntax


    It consists of any number of substrings in the form /H/host/S/service/W/pass .
    H, S, and W must be uppercase!
    A route string contains a substring for each SAProuter and for the
    target server.
    Each substring contains the information required by SAProuter to set
    up a connection in the route: the host name, the port name, and the
    password, if one was given.
    Syntax for substrings:
    · /H / indicates the host name-{}-
    Note that the host name must be at least two characters long.

    · /S/ is used for specifying the service (port); it is an
    optional entry, the default value is 3299

    · /W/ indicates the password for the connection between the
    predecessor and successor on the route and is also optional (default
    is "", no password)