| Note |
|---|
FOLLOWING SAP DOCUMENTATION: “ATTENTION Please note that we will migrate and unify the Please note that those new IP addresses have to be added to a firewall configuration and is marked below in blue. For more information please refer to the following announcement: Common Superdomain for Saas Applications.” source: Firewall Configuration Requirements | SAP Help Portal |
Firewall between FSM and Message Broker
The firewall placed between a message broker and FSM Cloud must allow unidirectional access via HTTPS to:
Message Broker prior to 4.4:
auth.coresuite.com
ds.coresuite.com
[de|eu|us|cn|au].coresuite.com,
[de|eu|us|cn|au]. coresystems.net
Message Broker 4.4 and above:
domain auth.fsm.cloud.sapcoresuite.com is obsolete and was not migrated
ds.fsm.cloud.sap
[de|eu|us|cn|au].fsm.cloud.sap
[de|eu|us|cn|au].fsm.cloud.sap
All connections use port 443.
Firewall between SAP and Message Broker
The firewall placed between a message broker and SAP system must allow bidirectional access.
TCP port used by message broker depends on its configuration
TCP port used by SAP depends on system settings - it must be either port used for HTTP connections or port used for HTTPS connection
Use of HTTPS is optional and both channels (to and from SAP) are independent in that matter - for instance, one may setup secure connection from SAP to message broker and regular HTTP in the opposite direction
➡️ More on the SAP Field Service firewall configuration requirements can be found under the following link.