Updated on 2024-12-04 GMT+08:00

Getting Started

(Optional) Modifying Security Group Rules

This solution uses ports 22 and 3389 to remotely log in to the cloud server. By default, the VPC subnet created in this solution allows access from the ports 22 and 3389. Configure an IP address whitelist by referring to Modifying a Security Group Rule.

A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, to control inbound and outbound traffic. Cloud resources associated with the same security group have the same security requirements and are mutually trusted within a VPC.

You can modify the security group policy, for example, by adding, modifying, or deleting a TCP port, as follows:

  • Adding a security group rule: Add an inbound rule and enable a TCP port if needed.
  • Modifying a security group rule: Inappropriate security group settings can be a serious security risk. You can modify security group rules to ensure the network security of your instances.
  • Deleting a security group rule: If the source or destination IP address of an inbound or outbound security group rule changes, or a port does not need to be enabled, you can delete the security group rule.

Software Installation

  1. On the ECS console, view the created instances.

    Figure 1 Created instances

  2. (Optional) Change the password of the instance. Select an instance and click Stop. After the instance is stopped, click Reset Password to reset the password and click OK. The change will be applied after the instance is started.

    Figure 2 Changing the password

  3. Log in to the instance where SAP Business One is to be deployed through SSH and use remote desktop to log in to the instance where SAP Business One Client is to be deployed. Add the source IP address to an IP address group suffixed with ipGroup-tcp22. For example, if the public IP address of a local computer is 22x.xx.xx.xx, add the IP address to the address group. Then this compute can access the SAP Business One server through the port 22 and access the SAP Business One Client through the port 3389. Use the corresponding tool on this computer to access port 60022 or 63389, which is configured in the DNAT rule of the Public NAT Gateways to map port 22 or 3389.

    Figure 3 Adding an IP address to an IP address group
    Figure 4 Port mapping in the DNAT rule
    Figure 5 Connecting to the SAP Business One server using SSH
    Figure 6 Connecting to SAP Business One Client through remote desktop

  4. Install the software by referring to HUAWEI CLOUD SAP Business One on HANA Installation Best Practice.