Help Center/ SAP Cloud/ SAP NetWeaver User Guide/ Deploying SAP NetWeaver/ Resource Preparation/ Creating a Subnet and Configuring a Security Group
Updated on 2022-12-23 GMT+08:00

Creating a Subnet and Configuring a Security Group

Scenarios

To ensure proper communication between all SAP NetWeaver ECSs, create subnet for the ECSs and configure a proper security group.

Procedure

  1. Create a subnet.

    1. Log in to the public cloud management console.
    2. In the navigation pane on the left, click and choose Network > Virtual Private Cloud.
    3. Choose Subnets on the left of the page.
    4. In the upper right corner of the page, click Create Subnet.
    5. In the Create Subnet dialog box, configure parameters as prompted.
      • VPC: Select the VPC created in Applying for a VPC.
      • Name: Configure the subnet name that is easy to identify, for example, service_subnet.
      • CIDR Block: Configure this parameter according to the deployment plan described in sections Network Plane Planning and Security Group Planning.
      • Gateway: Use the default setting for this parameter.
    6. Click OK to complete the subnet configuration.
    7. Repeat 1.a to 1.f to create all required subnets according to the requirements specified in sections Network Plane Planning and Security Group Planning.

  2. Set security groups.

    SAP NetWeaver, NFS server, NAT server, and SAP HANA require security groups.

    1. Choose Network > Virtual Private Cloud. In the navigation pane on the left, choose Access Control > Security Groups and then click Create Security Group in the upper right corner of the page.
    2. Enter a security group name, select the target enterprise project from the drop-down list, and click OK. Name the security group that is easy to identify, for example, studio_security_group.
    3. Click Access Control > Security Groups on the left and then click the security group to which the access rule is to be added in the security group list.
    4. Click Add Rule on the Inbound Rules or Outbound Rules tab as planned.
    5. On the displayed page, add the rule according to the requirements specified in sections Network Plane Planning and Security Group Planning.

      Figure 1 shows some default security group rules.

      Figure 1 Some default security group rules
    6. Repeat 2.a to 2.e to configure all security groups.