Destination Types

Each destination has a connection-type field (Connection type) that indicates the system connection type:

?     R/2 Connections (Type 2)

Type 2 entries indicate R/2 systems. No further specification is required. When you create a type 2 entry, therefore, you only need to specify the host name. All communications information is already stored in the background info table in the SAP Gateway host. If you want, you can also specify logon information.

Example entry name: K50

?     ABAP Connections (Type 2)

Type 3 entries indicate ABAP systems. When you create a type 3 entry, you need to specify the host name and communication service. If you want, you can also specify logon information. As of Release 3.0, you can also select the load-balancing option.

You can specify an application server from the ABAP message server. The application server is then determined according to the load-balancing process. This applies to RFCs between two ABAP systems and to RFCs between an ABAP system and an external system.

Example entry name: K11

?     Internal Connections (Type I)

Type I entries indicate ABAP systems connected to the same data base as the current system. These entries are pre-defined and cannot be modified. The entry names are the same as those used in the SAP Message Server (transaction SM51)

Example entry name: hs0010_K11_24

0     hs0010=host name

0     K11=system name (database name)

0     24=TCP-service name

?     Logical Destinations (Type L)

Instead of indicating a system connection, type L (logical) entries refer to a physical destination. Type L destinations can also refer to other type L entries. A type L entry uses the information in the reference entry and adds further information of its own. Normally, the reference entry contains the host information, while the type-L entry contains logon data. You can also specify a user name, an explicit password, a logon language or an explicit client.

A type L entry can refer to other type L entries.

Example entry name: K11_SD or K11_01

0     K11=name of RFCDES entry for ABAP system K11

0     SD or 01: for the fields User='SD_INPUT' or client='001'

?     Connections via ABAP Driver (Type X)

Type X entries indicate systems where device drivers in ABAP have been specially installed. When you create a type X entry, you need to specify the name of the ABAP device driver.

?     TCP/IP Connections (Type T)

Type T destinations are connections to external programs that use the RFC library to receive RFCs. The activation type can be either Start or Registration.

If it is Start, you need to specify the host name and the path name of the program that you want to start.

Activation Type Start

The communication method depends on how you select the program location:

0     Explicit host

In this case, the program is started either by the default gateway for the system or by the explicitly specified gateway (gwrd) via remote shell.
Ensure that the computer with the gateway process can access the specified computer by entering
/etc/ping <host name>.

If you want to start a program on another computer using the remote shell, the target system must meet certain conditions.

§         The user ID of the gateway process must exist, and the user’s directory must contain a file called .rhosts.

§         The file .rhosts must contain the name of the calling computer.

To check this, log on to the computer containing the gateway process with the appropriate user ID and enter the command remsh <host name> <program name>. The <host name> and <program name> must be the same as in SM59 . (If you call an RFC server program without any parameters, the RfcAccept call always returns an error code (RFC_HANDLE_NULL), and the program terminates immediately.)

0     Application Server

When choosing Application server and specifying your program, you can start the program from the SAP application server.

First, ensure that the program can be accessed from the SAP application server and that the SAP application server has the authorization to start the program.

To check this, log on with the user ID of the SAP application server (e.g. c11adm). If possible, change to the working directory of the SAP application server (/usr/sap/.../D.../work) and try to start the RFC server program manually from there. (If you call an RFC server program without any parameters, the RfcAccept call always returns an error code (RFC_HANDLE_NULL), and the program terminates immediately.)

0     Front-End Workstation

When choosing Front-end workstation and specifying your program, you can start the program from the SAPGUI.

Ensure that you can access the program with SAPGUI.

Ensure that SAPGUI has the authorization to start the program.

To check this, simply call the RFC server program in your environment.

The function call can also be transactional (CALL FUNCTION... IN BACKGROUND TASK DESTINATION...).

Activation Type Registration

If the activation type is Registration, you have to identify a registered RFC program. With an SAP gateway, you can register an RFC server program under this ID and then wait for RFC calls from other SAP Systems.

Example entry name: SERVER_EXEC

?     Type M

Type M entries are asynchronous RFC connections to ABAP systems via CMC (protocol X.400).

?     Type S

Type S corresponds to type 2, except that the destination is SNA or APPC.


HTTP Connection to Ext. Server (Connection Type G)

Select the connection you require. You can choose from the following logon procedures:

?     No logon. The server program does not require you to enter a user or password.

?     Basic Authentication. The server program requires you to enter a user and password. Basic Authentication is a standard HTTP authentication method. When the user logs on to the target system, a user ID and a password are provided for authentication. This information is then transmitted across the HTTP connection to the server, in the form of a base64 encoded string in a header variable.

?     SSL Client Certificate. If you use client certificates for the authentication, the client authentication is performed using the Secure Sockets Layer (SSL) protocol. In this instance, you also have to select the SSL client PSE of the Application Server, which contains the certificate that is to be used for the authentication. The target system must treat the system that issues the client certificate of the SAP NW AS as a “trusted” system.


On the Logon/Security tab page, you can also activate SSL, so that HTTPS is used as a protocol (you must then make sure that the correct port is set under Technical Settings). To define which type of SSL client is used, call the security transaction STRUST. ( Getting Started with the Trust Manager, Trust Manager).

As an additional protective measure, the field Authorization for Destination has been introduced. We recommend that you specify a user and a password for the RFC destination.

HTTP Connection to an ABAP System (Connection Type H)

Here you have a variety of options for authentication in the target system.

The settings on the Technical Settings and Special Options tab pages are identical to those of connection type G. On the Logon/Security tab page, connection type H has additional logon processes compared to connection type G. As with the external server, you can (de)activate SSL and specify an authorization.

As the destination system is an SAP System, you can set the client and language for the logon as well as the user name and password. If you check Current User, you have to specify the password again.

The options available for the authentication are Basic Authentication, SAP Standard, SAP Trusted System and SSL Client Certificate.

?     HTTP Basic Authentication: Logon using user and password.

?     SAP Standard: This method uses a logon like the RFC logon processes. Here, the RFC Single Sign-On procedures within a system also apply. The same SAP user (client, language, and user name) is used for logon.

?     SAP Trusted System: Trusted RFC logon to another SAP system (see: Trusted System: Trust Relationships Between SAP Systems).

?     SSL Client Certificate: Using the SSL protocol, the logon can be made using client certificates.


Maintaining Group Destinations