diff --git a/modules/auxiliary/scanner/sap/sap_router_portscanner.rb b/modules/auxiliary/scanner/sap/sap_router_portscanner.rb
index c5e19894c9..666d35422f 100644
--- a/modules/auxiliary/scanner/sap/sap_router_portscanner.rb
+++ b/modules/auxiliary/scanner/sap/sap_router_portscanner.rb
@@ -9,7 +9,6 @@ class Metasploit3 < Msf::Auxiliary
 
   include Msf::Exploit::Remote::Tcp
   include Msf::Auxiliary::Report
-  include Msf::Auxiliary::Scanner
 
   def initialize
     super(
@@ -37,6 +36,7 @@ class Metasploit3 < Msf::Auxiliary
     register_options(
       [
         OptAddress.new('SAPROUTER_HOST', [true, 'SAPRouter address', '']),
+        OptString.new('RHOSTS', [true, 'The target hostname, address range or CIDR identifier', '']),
         OptPort.new('SAPROUTER_PORT', [true, 'SAPRouter TCP port', '3299']),
         OptEnum.new('MODE', [true, 'Connection Mode: SAP_PROTO or TCP ', 'SAP_PROTO', ['SAP_PROTO', 'TCP']]),
         OptString.new('INSTANCES', [false, 'SAP instance numbers to scan (NN in PORTS definition)', '00-99']),
@@ -47,10 +47,11 @@ class Metasploit3 < Msf::Auxiliary
         # 3NN11,3NN17,20003-20007,31596,31597,31602,31601,31604,2000-2002,
         # 8355,8357,8351-8353,8366,1090,1095,20201,1099,1089,443NN,444NN
         OptInt.new('CONCURRENCY', [true, 'The number of concurrent ports to check per host', 10]),
-        OptEnum.new('RESOLVE',[true,'Resolve RHOSTS on saprouter',false,['remote','local']])
+        OptEnum.new('RESOLVE',[true,'Where to resolve RHOSTS',false,['remote','local']])
       ], self.class)
 
     deregister_options('RPORT')
+    deregister_options('RHOST')
 
   end
 
@@ -238,7 +239,7 @@ class Metasploit3 < Msf::Auxiliary
 
   def parse_response_packet(response, ip, port)
 
-    vprint_error("#{ip}:#{port} - response packet: #{response}")
+    #vprint_error("#{ip}:#{port} - response packet: #{response}")
 
     case response
     when /NI_RTERR/
@@ -255,9 +256,9 @@ class Metasploit3 < Msf::Auxiliary
       when /reacheable/
         vprint_error("#{ip}:#{port} - unreachable")
       when /hostname '#{ip}' unknown/
-	      vprint_error("#{ip}:#{port} - unknown host")
-	    when /GetHostByName: '#{ip}' not found/
-	      vprint_error("#{ip}:#{port} - unknown host")
+        vprint_error("#{ip}:#{port} - unknown host")
+      when /GetHostByName: '#{ip}' not found/
+        vprint_error("#{ip}:#{port} - unknown host")
       else
         vprint_error("#{ip}:#{port} - unknown error message")
       end
@@ -271,6 +272,18 @@ class Metasploit3 < Msf::Auxiliary
     return nil
   end
 
+  def run
+    if datastore['RESOLVE'] == 'remote'
+			run_host(datastore['RHOSTS'])
+    else
+		# resolve IP or crack IP range
+			ip_list = Rex::Socket::RangeWalker.new(datastore['RHOSTS'])
+      ip_list.each do |ip|
+				run_host(ip)
+      end
+    end
+  end
+
   def run_host(ip)
 
     sap_host = datastore['SAPROUTER_HOST']
@@ -306,13 +319,8 @@ class Metasploit3 < Msf::Auxiliary
 
           begin
 
-	          if datastore['RESOLVE'] == 'remote'
-		          route_ip = datastore['RHOSTS']
-	          else
-		          route_ip = ip
-	          end
             # create ni_packet to send to saprouter
-            routes = {sap_host => sap_port, route_ip => port}
+            routes = {sap_host => sap_port, ip => port}
             ni_packet = build_ni_packet(routes)
 
             s = connect(false,
@@ -325,7 +333,7 @@ class Metasploit3 < Msf::Auxiliary
             s.write(ni_packet, ni_packet.length)
             response = s.get()
 
-            res = parse_response_packet(response, route_ip, port)
+            res = parse_response_packet(response, ip, port)
             if res
               r << res
             end