Not a bug

2020.3 Forwarding with Masking

Earl Kelly 12 months ago updated by Eric Davis 11 months ago 6

Currently have short URL with Godaddy for accessing our hostedrmm.com site.   This is forwarding has been working since we've been using ScreenConnect.   Now with the introduction of 2020.3 forwarding with masking will not allow anyone to sign-in.    

With the feature on, you can login and enter the MFA option but then you will taken back to the login screen with no error messages or anything telling you what might be wrong.

This is a huge problem as our workflows and corporate infrastructure rely on this for uniformity.   

ConnectWise Control Version:
Server Affected:
Host Client Affected:
Guest Client Affected:

A colleague told me this may be due to the SameSite attribute that we're now setting in the cookie ("Lax"). An update to the Advanced Configuration Editor should be out this week, but in the meantime you can request support to add this key to the web.config file manually (listing it here for on-prem people also):

configuration / appsettings /

<add key="CookieSameSiteMode" value="None" />

@Eric Davis thanks for the reply where exactly in the web.config file running on a windows server do i add the above key ?? 

You'll want to add that key in the global <appSettings> section (configuration/appSettings, not the location-specific sections).

@Eric Davis many thanks that solved the problem :) also another quick question that you can hopefully answer the windows server crashed a few days ago and i had to reinstall connectwise but i lost all my clients i had added to the access panel in connectwise :( can you tell me when you add clients to the access panel where are they stored in connectwise is there a db file if so where and is it possible to make a backup of this file 

Many Thanks 

All session information is stored in <installation folder>/App_Data/Session.db, which is a SQLite database that you can browse with any compatible tool. (ex. DB Browser)

If your server is on the same URL, I'd think that your access agents would call back in and repopulate the list, even if your database was wiped.

Commenting disabled