Jumpoint: Set Up Unattended Access to a Network



Jumpoint Management

BeyondTrust's Jump Technology enables a user to access computers on a remote network without having to pre-install software on every machine. Simply install a single Jumpoint agent at any network location to gain unattended access to every PC within that network.

Add New Jumpoint, Edit, Delete

Create a new Jumpoint, modify an existing Jumpoint, or remove an existing Jumpoint.


Uninstall an existing Jumpoint and download an installer to replace the existing Jumpoint with a new one. Jump shortcuts associated with the existing Jumpoint will use the new Jumpoint once it is installed.

When an existing Jumpoint is replaced, its configuration is not saved. The new Jumpoint must be reconfigured.

Add or Edit Jumpoint


Create a unique name to help identify this Jumpoint. This name should help users locate this Jumpoint when they need to start a session with a computer on the same network.

Code Name

Set a code name for integration purposes. If you do not set a code name, PRA creates one automatically.

External Jump Item Network ID

On the Security page Access Console settings, when Jumpoint for External Jump Item Sessions is set to Automatically Selected by External Jump Item Network ID, this value is matched against the Network ID property for external Jump Items returned by the Endpoint Credential Manager to determine which Jumpoint handles a session.

Network ID is equivalent to the Workgroup attribute on managed systems in Password Safe.


Add a brief description to summarize the purpose of this Jumpoint. This is helpful when managing Jumpoints.


If checked, this Jumpoint is unavailable to make Jump connections.


If checked, you will be able to add multiple, redundant nodes of the same Jumpoint on different host systems. This ensures that as long as at least one node remains online, the Jumpoint will be available.

Enable Shell Jump Method

If you want users to be able to connect to SSH-enabled and Telnet-enabled network devices through this Jumpoint, check the Enable Shell Jump Method option. Command filtering can be configured to prevent accidental use of commands that can be harmful to endpoint systems.

For more information on command filtering, please see Use Shell Jump to Access a Remote Network Device.

Enable Protocol Tunnel Jump Method

If the Enable Protocol Tunnel Jump Method option is checked, users may make connections from their systems to remote endpoints through these types of Jumpoint.

For more information, see Protocol Tunnel Jump Shortcuts in the Privileged Remote Access Jumpoint Guide.

RDP Service Account

Select the vault account to be used by the Jumpoint to run a user-initiated client on the RDP server. This allows you to collect additional event information from an RDP session started with this Jumpoint. This account in used only if the Remote RDP Jump Item is configured to enable the Session Forensics functionality.

The RDP Service Account setting must not use a local admin account, and must use a domain admin account with privileges on the endpoint including access to remotely connect to the endpoint's C$ share, remotely create and start services on the endpoint machine, and access remote file systems.

For more information, see Use RDP to Access a Remote Windows Endpoint in the Privileged Remote Access Jumpoint Guide.

Group Policies

This displays a listing of the group policies which allow users access to this Jumpoint.

Allowed Users

New Member Name

Search for users to add to this Jumpoint. Users must be added to the Jumpoint in order to create Jump Items using that Jumpoint or to initiate ad hoc sessions through that Jumpoint. Users are not required to be added to the Jumpoint to start a session with a pre-existing Jump Item using that Jumpoint, so long as they have access granted through Jump Group membership.

In the table below, view existing Jumpoint users. You can filter the view by entering a string in the Filter by Name text box. You can also delete the user from the Jumpoint.

To add a group of users to a Jumpoint, go to Users & Security > Group Policies and assign that group to one or more Jumpoints.

You may see some users whose Delete options are disabled. This occurs when a user is added via group policy.

You can click the group policy link to modify the policy as a whole. Any changes made to the group policy apply to all members of that group policy.

You also can add the individual to the Jumpoint, overriding their settings as defined elsewhere.

For more information about Jumpoint configuration, please see Configure and Install a PRA Jumpoint.