Internet-Security.com TCP port 3299 details

TCP port 3299 is the default port for SAProuter, SAP’s application-layer proxy used to route SAP GUI and RFC traffic across networks. It is widely deployed with SAP NetWeaver/ABAP systems and SAP Solution Manager to broker client connections to internal SAP application servers and to enable remote support connections to SAP (SAP Support Backbone/OSS). Enterprises often expose SAProuter on 3299 to allow partners or managed service providers controlled access to internal SAP services, sometimes with SNC for encryption. Security: attackers scan 3299/tcp for exposed or misconfigured SAProuters and abuse them as open proxies to pivot into internal SAP landscapes; SAP and researchers (e.g., SAP Security Note 614971 and Onapsis advisories) have documented access-control bypass and information disclosure risks.

TCP 3299