Jump to a remote system
Once a Jumpoint has been installed on a remote network, permitted representatives can use the Jumpoint to initiate sessions with Windows and Linux computers on that same network, even if those computers are unattended. Additionally, a permitted representative can Jump to computers on the same network segment as their local system, even without a Jumpoint.
A Jumpoint can be used to start a standard support session, to start a Remote Desktop Protocol session or VNC session, to Shell Jump to an SSH-enabled or Telnet-enabled network device, or to start a session with an Intel® vPro Windows system. Support sessions, RDP sessions, and VNC sessions can also be started with systems on the same network segment.
Note
Linux Jumpoints can only be used for RDP and SSH/Telnet sessions.
Start a Local or Remote Jump session
To Jump through a Jumpoint, you must have access to a Jumpoint and must have the user account permission Allowed Jump Methods: Remote Jump. To Jump on your local network, you must have the user account permission Allowed Jump Methods: Local Jump.
- To Jump without a pre-installed client, open the Jump to… dialog from:
  - The Support menu of the representative console
  - The Start button at the top of the representative console
  - The Jump To button at the top of the representative console
  - Or Create a Remote Jump in the web rep console
- From the Jumpoint dropdown, select the network that hosts the computer you wish to access. Depending on your account permissions, you can Jump to a system on your local network or to a network on which a Jumpoint is installed.
- Select the public portal you wish to associate your session with. This lets the system know what customer agreement behavior should occur.
- Enter the hostname or IP address of the system you wish to access. Alternatively, if network browsing is enabled from the /login > Jump > Jumpoint page, you can click the [...] button to browse the directory tree.
- Once you have located the computer you wish to access, click Jump.
You must provide administrative credentials to the remote computer in order to complete the Jump. The credentials must belong to either a local administrator on the remote system or a domain administrator.
The client files are pushed to the remote system, and a session attempts to start. Depending on the session permissions, the end-user may be prompted to accept or deny the session. If no response is received within a defined interval of time, the session either starts or cancels, again depending on the session permissions.
Note
- If you need to access systems through a Jumpoint when no user is available, make sure the public portal permissions and your account permissions are set either to disable prompting or to default to Allow.
- Jump Items can be set to allow multiple users to simultaneously access the same Jump Item. If set to Join Existing Session, other users are able to join a session already underway. The original owner of the session receives a note indicating another user has joined the session, but is not allowed to deny them access.
Local or Remote RDP
Use BeyondTrust to start a Remote Desktop Protocol (RDP) session with a remote Windows or Linux system. Because RDP sessions are converted to BeyondTrust sessions, users can share or transfer sessions, and sessions can be automatically audited and recorded as your administrator has defined for your site.
To use Local RDP through BeyondTrust, you must be on the same network segment as the target system and must have the user account permission Allowed Jump Methods: Local RDP.
To use Remote RDP through BeyondTrust, you must have access to a Jumpoint and must have the user account permission Allowed Jump Methods: Remote RDP.
- To start an RDP session, open the Remote Desktop Protocol dialog from:
  - The Support menu of the representative console
  - The RDP button at the top of the representative console
  - Or Create a Remote RDP Jump in the web rep console
- From the Jumpoint dropdown, select the network that hosts the computer you wish to access. If you generally access the same Jumpoint, check Remember as my preferred choice. Enter the Hostname / IP of the system you wish to access.
  By default, the RDP server listens on port 3389, which is therefore the default port BeyondTrust attempts. If the remote RDP server is configured to use a different port, add it after the hostname or IP address in the form hostname:port or IP address:port (for example, 10.10.24.127:40000).
- Provide the Username to sign in as, along with the Domain.
- Select the Quality at which to view the remote screen. This cannot be changed during the RDP session. Select the color optimization mode to view the remote screen. If you are going to be primarily sharing video, select Video Optimized; otherwise, select between Black and White (uses less bandwidth), Few Colors, More Colors, or Full Color (uses more bandwidth). Both Video Optimized and Full Color modes allow you to view the actual desktop wallpaper.
- To start a console session rather than a new session, check the Console Session box.
- If the server's certificate cannot be verified, you receive a certificate warning. Check Ignore Untrusted Certificate to connect to the remote system without seeing this message.
- Move Jump Items from one Jump Group to another using the Jump Group dropdown. The ability to move Jump Items to or from different Jump Groups depends upon your account permissions.
- Further organize Jump Items by entering the name of a new or existing Tag. Even though the selected Jump Items are grouped together under the tag, they are still listed under the Jump Group in which each is pinned. To move a Jump Item back into its top-level Jump Group, leave this field blank.
- Select the Public Portal through which this Jump Item should connect. If a session policy is assigned to this public portal, that policy may affect the permissions allowed in sessions started through this Jump Item. The ability to set the public portal depends on your account permissions.
- Jump Items include a Comments field for a name or description, which makes sorting, searching, and identifying Jump Items faster and easier.
- To set when users are allowed to access this Jump Item, choose a Jump Policy. These policies are configured by your administrator in the /login interface.
- Choose a Session Policy to assign to this Jump Item. The session policy assigned to this Jump Item has the highest priority when setting session permissions. The ability to set a session policy depends on your account permissions.
- To import an RDP file, click the Import button. This prepopulates some of the fields required for the RDP connection.
- To begin the RDP session, click Jump.
  You are prompted to enter the password for the username you specified earlier.
- Your RDP session now begins. Begin screen sharing to view the remote desktop.
You can send the Ctrl-Alt-Del command, capture a screenshot of the remote desktop, and share clipboard contents. You can also share or transfer the RDP session with other logged-in BeyondTrust users, following the normal rules of your user account settings.
Multi-monitor support
An option allows you to open a Remote Support connection expanded across all the monitors on the client computer, regardless of the client monitor configuration. With this feature, you can fully utilize all the monitors connected to the client computer and adjust screen sizing and scaling during an RDP session across multiple monitors.
Note
- If you are using full screen view while using this feature, the remote system is displayed across all of your monitors.
- Jump Items can be set to allow multiple users to simultaneously access the same Jump Item. If set to Start New Session, then a new independent session starts for each user who Jumps to a specific RDP Jump Item. The RDP configuration on the endpoint controls any further behavior regarding simultaneous RDP connections.
Local or Remote VNC
Use BeyondTrust to start a VNC session with a remote system. Because VNC sessions are converted to BeyondTrust sessions, users can share or transfer sessions, and sessions can be automatically audited and recorded as defined by your administrator for your site.
To use Local VNC through BeyondTrust, you must be on the same network segment as the target system and must have the user account permission Allowed Jump Methods: Local VNC.
To use Remote VNC through BeyondTrust, you must have access to a Jumpoint and must have the user account permission Allowed Jump Methods: Remote VNC.
- To start a VNC session, open the VNC dialog from:
  - The Support menu of the representative console
  - The VNC button at the top of the representative console
  - Or Create a Remote VNC Jump in the web rep console
- From the Jumpoint dropdown, select the network that hosts the computer you wish to access. If you generally access the same Jumpoint, check Remember as my preferred choice. Enter the Hostname / IP of the system you wish to access.
- By default, the VNC server listens on port 5900, which is, therefore, the default port BeyondTrust attempts. If the remote VNC server is configured to use a different port, enter it in the Port field.
- To begin the VNC session, click Jump.
Note
Jump Items can be set to allow multiple users to simultaneously access the same Jump Item. If set to Join Existing Session, other users are able to join a session already underway. The original owner of the session receives a note indicating another user has joined the session, but is not allowed to deny them access.
Shell Jump
With Shell Jump, quickly connect to an SSH-enabled or Telnet-enabled network device to use the command line feature on that remote system. For example, run a standardized script across multiple systems to install a needed patch, or troubleshoot a network issue.
To perform a Shell Jump through BeyondTrust, you must have access to a Jumpoint with Shell Jump enabled, and you must have the user account permission Allowed Jump Methods: Shell Jump.
- To start a Shell Jump session, open the Shell Jump dialog from:
  - The Support menu of the representative console
  - The Shell Jump button at the top of the representative console
  - Or Create a Shell Jump in the web rep console
Your Jumpoint may be configured for provisioned Shell Jump access only.
- From the Jumpoint dropdown, select the network that hosts the computer you wish to access.
- If you generally access the same Jumpoint, check Remember as my preferred choice.
- Select the provisioned system you wish to access.
Alternatively, your Jumpoint may be configured for open access or limited access.
- From the Jumpoint dropdown, select the network that hosts the computer you wish to access. If you generally access the same Jumpoint, check Remember as my preferred choice.
- To access a provisioned system, check Use Provisioned and select the system from the dropdown.
- Alternatively, enter the Hostname / IP of the system you wish to access. If your Jumpoint is configured for limited access, the remote system must be in the delimited IP address range.
- You can choose to Send Keep-Alive Packets to keep idle sessions from ending. Enter the number of seconds to wait between each packet sent.
- Choose the Protocol to use, either SSH or Telnet. Port automatically switches to the default port for the selected protocol but can be modified to fit your network settings. Select the Terminal Type, either xterm or VT100.
- Click Jump.
  If attempting to Shell Jump to an SSH device without a cached host key, you receive an alert that the server's host key is not cached and that there is no guarantee that the server is the computer you think it is.
- If you choose Save Key and Connect, then the key is cached on the Jumpoint's host system so that future attempts to Shell Jump to this system do not result in this prompt. Connect Only starts the session without caching the key, and Abort ends the Shell Jump session.
- If you Shell Jump to an SSH device with keyboard interactive MFA enabled, there is a secondary prompt for input.
When you Shell Jump to a remote device, a command shell session immediately starts with that device. If you Shell Jump to a provisioned SSH device with an unencrypted key or with an encrypted key whose password has been cached, you are not prompted for a password. Otherwise, you are required to enter a password. You can then send commands to the remote system.
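The uncached host key alert described above is the point at which the device's identity is either verified or taken on trust. The following is an added example, not BeyondTrust code: it computes the OpenSSH-style SHA256 fingerprint of a presented public key and maps the comparison against a recorded fingerprint to the prompt's choices. The host name, inventory, and keys are constructed, and answering Abort for a host with no recorded fingerprint is an assumed policy.

```python
import base64
import hashlib
import struct


def openssh_fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint of '<type> <base64-blob> [comment]', in the
    form `ssh-keygen -lf` prints (unpadded base64 of the blob's hash)."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    key_type = fields[0]
    blob = base64.b64decode(fields[1], validate=True)
    # The blob begins with a length-prefixed copy of the key type.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode("ascii"):
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def prompt_choice(host: str, presented_key: str, inventory: dict) -> str:
    """Pick the prompt answer: cache the key only on an exact match."""
    expected = inventory.get(host)
    if expected is None:
        return "Abort"  # assumed policy: no recorded fingerprint, no trust
    if openssh_fingerprint(presented_key) == expected:
        return "Save Key and Connect"
    return "Abort"  # mismatch: wrong device or an interposed host


def constructed_key(seed: int) -> str:
    """Build a syntactically valid ssh-ed25519 line from dummy bytes."""
    raw = bytes((seed + i) % 256 for i in range(32))
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode("ascii") + " constructed"


# Constructed sample data; a real inventory holds fingerprints recorded
# out of band (for example, read from the device console at deployment).
KNOWN_KEY = constructed_key(1)
OTHER_KEY = constructed_key(2)
INVENTORY = {"core-sw1.example.internal": openssh_fingerprint(KNOWN_KEY)}

if __name__ == "__main__":
    for key in (KNOWN_KEY, OTHER_KEY):
        print(prompt_choice("core-sw1.example.internal", key, INVENTORY))
```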
Intel vPro
Using Intel® Active Management Technology, privileged users can support fully provisioned Intel vPro Windows systems below the OS level, regardless of the status or power state of these remote systems. To use Intel vPro, you must have access to a Jumpoint with Intel vPro enabled and must have the user account permission Allowed Jump Methods: Intel® vPro.
Note
- Remote systems using vPro with AMT version 5 or higher may be supported with BeyondTrust.
- Intel vPro is not supported with clustered Jumpoints.
- To start a session with an Intel vPro system, open the Intel® vPro dialog from:
  - The Support menu of the representative console
  - The Intel® vPro button at the top of the representative console
- From the Jumpoint dropdown, select the network that hosts the computer you wish to access. If you generally access the same Jumpoint, check Remember as my preferred choice. Enter the Hostname / IP of the system you wish to access.
- Click Jump.
- Depending on your Jumpoint setup, you might be prompted to enter a username and password.
  The Jumpoint detects the provisioned vPro hardware. If the credentials, provided during either the Jumpoint configuration or the Jump attempt, match the credentials of the vPro-provisioned system, the connection is initiated.
- Depending on how the vPro computer is provisioned, you might be prompted to enter a user consent code before performing certain actions.
- If a consent code is required, a pop-up appears on the remote screen. An end user must provide you with this code before you can gain hardware access.
- Once the connection is made, you have control of the remote vPro hardware. You can then use the vPro session tools to work on the remote system.
Note
Jump Items can be set to allow multiple users to simultaneously access the same Jump Item. If set to Join Existing Session, other users are able to join a session already underway. The original owner of the session receives a note indicating another user has joined the session, but is not allowed to deny them access.