System setup

Setup of VPN tunnel

To connect your system to SEEBURGER, you can use a secure VPN tunnel. The graphic below shows how the connection is established in general.

The SEEBURGER systems on which the BIS is installed have their own private IP addresses, which are translated to public IP addresses via NAT. Those public IP addresses are the only IP addresses visible when traffic arrives at your end. Normally, a small public segment (usually a /27 network) is provided as the SEEBURGER encryption domain for the VPN connection.

    General important information:

  • You must have an IPsec-compliant VPN gateway such as a CISCO ASA, CISCO router, Check Point etc.

  • SEEBURGER utilizes a CISCO ASA as VPN gateway.

  • SEEBURGER supports only the ISAKMP/Oakley (IKE) encryption scheme.

  • SEEBURGER supports policy-based and route-based IPsec VPN tunnels.

  • SEEBURGER policy for accepted IP addresses: Only public IP addresses are accepted.

    The following IP addresses are not accepted:

    • (RFC 1918) 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

    • (RFC 6598) 100.64.0.0/10

    • (RFC 3927) 169.254.0.0/16

    • (RFC 5735)

    • (RFC 5736) 192.0.0.0/24

    • (RFC 5737) 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24

    • (RFC 3068) 192.88.99.0/24

    • (RFC 2544) 198.18.0.0/15

    • (RFC 3171) 224.0.0.0/4

    • (RFC 1112) 240.0.0.0/4

    • (RFC 1700) 255.255.255.255/32

  • It is not recommended to build VPN networks with equipment of different brands.

  • SEEBURGER regularly checks all IP addresses to verify if they are registered appropriately.

  • SEEBURGER builds third-party VPN connections on a best-effort basis and without any guarantees after setup.

Note: Private RFC 1918 addresses will not be accepted, to avoid conflicts between your addresses and our own private addressing scheme. Please configure NAT on your VPN device to translate the private addresses into public addresses.
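The address policy above can be checked before the VPN data is exchanged. The following Python sketch is an added example, not SEEBURGER code: it tests a peer address or encryption domain for overlap with the ranges listed above. The function names and the sample addresses are assumptions made for illustration.

```python
from __future__ import annotations
import ipaddress

# Ranges copied from the "not accepted" list above. The RFC 5735 entry is
# left out because the page gives no range for it.
NOT_ACCEPTED = {
    "RFC 1918": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "RFC 6598": ["100.64.0.0/10"],
    "RFC 3927": ["169.254.0.0/16"],
    "RFC 5736": ["192.0.0.0/24"],
    "RFC 5737": ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"],
    "RFC 3068": ["192.88.99.0/24"],
    "RFC 2544": ["198.18.0.0/15"],
    "RFC 3171": ["224.0.0.0/4"],
    "RFC 1112": ["240.0.0.0/4"],
    "RFC 1700": ["255.255.255.255/32"],
}

def rejected_by(candidate: str) -> list[str]:
    """Return the RFC labels whose ranges overlap the given address or network."""
    # strict=False accepts a host address with a prefix, e.g. 10.1.2.3/27.
    net = ipaddress.ip_network(candidate, strict=False)
    if net.version != 4:
        raise ValueError("the list on the page covers IPv4 only")
    hits = []
    for rfc, ranges in NOT_ACCEPTED.items():
        # overlaps() also catches a supernet that merely contains a listed range.
        if any(net.overlaps(ipaddress.ip_network(r)) for r in ranges):
            hits.append(rfc)
    return hits

def check_vpn_addresses(addresses: dict[str, str]) -> dict[str, list[str]]:
    """Map each named value (peer, encryption domain, ...) to the RFCs rejecting it."""
    return {name: rejected_by(value) for name, value in addresses.items()}

if __name__ == "__main__":
    # Constructed sample values, chosen to sit at the edges of the listed ranges.
    sample = {
        "peer just above 172.16.0.0/12": "172.32.0.1",
        "domain inside 172.16.0.0/12": "172.31.255.224/27",
        "domain behind carrier-grade NAT": "100.64.0.0/27",
        "supernet containing listed ranges": "192.0.0.0/16",
    }
    for name, hits in check_vpn_addresses(sample).items():
        status = "not accepted (" + ", ".join(hits) + ")" if hits else "passes the list"
        print(f"{name}: {status}")
```

Passing this check only means the address is outside the listed ranges; the RFC 5735 entry and the registration check mentioned above are not covered.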

Setting up the VPN tunnel consists of two phases:

  • Phase 1 - Internet Key Exchange (IKE): provides the initial parameters for the connection, like the IP addresses of the communication partners.

  • Phase 2 - IPsec: provides further parameters when IKE is working, like the IP addresses of the encryption domain.

Note: In order to create a secure tunnel, only the specific ports needed for the connection will be defined and opened within the tunnel. Please note that the only ports allowed in the VPN tunnel are those that support our services.

To set up a VPN connection, you need to exchange the following data with SEEBURGER.

  • contact information for technical purposes

  • information on VPN device and VPN settings

  • information for IKE settings

  • information for firewall policy

Find more information here:

> Exchanging data for the VPN tunnel creation