Prerequisites for the BeyondTrust Remote Support Integration with BMC Remedyforce


You must purchase this integration separately from both your BeyondTrust software and your BMC Remedyforce solution. For more information, contact BeyondTrust sales.

Outlined below are requirements for the enterprise versions of the BeyondTrust integration with BMC Remedyforce. If any of the integration requirements are not yet met, they must be in place prior to starting the integration setup process unless the associated features of the integration are not required.


  • Secure Remote Access Appliance (physical or virtual) with:
    • BeyondTrust Remote Support: 14.2.x and newer
    • At least one usable representative console which can generate session keys
    • A working BeyondTrust public site through which users can connect to representatives
  • Network firewall rules to allow:
    • TCP 443 traffic from the Secure Remote Access Appliance to reach the appropriate BMC Remedyforce instance
    • TCP 443 traffic from the appropriate BMC Remedyforce instance to reach the Secure Remote Access Appliance
  • A working version of the BeyondTrust-Salesforce integration

Firewall Test

It is important to test all requirements of the integration prior to beginning setup. Most of these can be tested by the BeyondTrust and BMC Remedyforce administrators within their respective systems, but to test the network firewall, the BeyondTrust admin should take the following steps to confirm that the necessary rules are in place:

  1. Log into a machine either external to the Secure Remote Access Appliance's network or in the same VPN as the BMC Remedyforce instance, depending on how BMC Remedyforce connects to the appliance's network.
  2. Log into the Secure Remote Access Appliance's /appliance interface.
  3. Browse to Support > Utilities :: TCP Connection Test.
  4. Enter the hostname of the BMC Remedyforce instance, enter the port number of 443, and click Test. The result should be a Connected status message.

Do not enter the protocol of the BMC Remedyforce instance (e.g., Instead, use the fully qualified domain name only (e.g., In most environments, the Secure Remote Access Appliance resides in a DMZ network and has a public DNS address, which BMC Remedyforce contacts over the public internet. In some environments, BeyondTrust is not publicly accessible. In these cases, you should communicate with your technical contact about implementing a VPN connection to your internal network for BMC Remedyforce.