diff --git a/multiserver.js b/multiserver.js
index 10e17774..cccffae1 100644
--- a/multiserver.js
+++ b/multiserver.js
@@ -584,7 +584,7 @@ module.exports.CreateMultiServer = function (parent, args) {
         if (path.substring(path.length - 11) == '/.websocket') { path = path.substring(0, path.length - 11); }
         var queryStr = '';
         for (var i in req.query) { if (i.toLowerCase() != 'auth') { queryStr += ((queryStr == '') ? '?' : '&') + i + '=' + req.query[i]; } }
-        if (user != null) { queryStr += ((queryStr == '') ? '?' : '&') + 'auth=' + obj.parent.encodeCookie({ userid: user._id, domainid: user.domain }, cookieKey); }
+        if (user != null) { queryStr += ((queryStr == '') ? '?' : '&') + 'auth=' + obj.parent.encodeCookie({ userid: user._id, domainid: user.domain, ps: 1 }, cookieKey); }
         var url = obj.peerConfig.servers[serverid].url + path + queryStr;
 
         // Setup an connect the web socket
diff --git a/package.json b/package.json
index 6377aa92..e3f67627 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "meshcentral",
-  "version": "0.3.9-y",
+  "version": "0.3.9-z",
   "keywords": [
     "Remote Management",
     "Intel AMT",
diff --git a/webserver.js b/webserver.js
index 506deded..da9bffea 100644
--- a/webserver.js
+++ b/webserver.js
@@ -590,7 +590,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
                 var yubikeyotp = require('yubikeyotp');
                 var request = { otp: token, id: domain.yubikey.id, key: domain.yubikey.secret, timestamp: true }
                 if (domain.yubikey.proxy) { request.requestParams = { proxy: domain.yubikey.proxy }; }
-                yubikeyotp.verifyOTP(request, function (err, results) { func(results.status == 'OK'); });
+                yubikeyotp.verifyOTP(request, function (err, results) { func((results != null) && (results.status == 'OK')); });
                 return;
             }
         }
@@ -1940,7 +1940,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
             if (!state || state.connectivity == 0) { Debug(1, 'ERR: No routing possible (1)'); try { ws.close(); } catch (e) { } return; } else { conn = state.connectivity; }
 
             // Check what server needs to handle this connection
-            if ((obj.parent.multiServer != null) && (cookie == null)) { // If a cookie is provided, don't allow the connection to jump again to a different server
+            if ((obj.parent.multiServer != null) && ((cookie == null) || (cookie.ps != 1))) { // If a cookie is provided and is from a peer server, don't allow the connection to jump again to a different server
                 var server = obj.parent.GetRoutingServerId(req.query.host, 2); // Check for Intel CIRA connection
                 if (server != null) {
                     if (server.serverid != obj.parent.serverId) {