Failed to add vpc route

I’m setting up Pritunl in AWS and attempting to get the cloud advertising working. We hold an enterprise licence for Pritunl, if that matters.

I’ve setup the Instance Profile with the AmazonRoute53FullAccess and AmazonVPCFullAccess managed policies and attached it to two EC2s running Pritunl. The VPN works and doesn’t throw errors when the advertising is disabled.

On both Pritunl hosts I’ve disabled the source/destination check on their respective network interfaces. UDP port 4789 traffic is allowed between the Pritunl hosts.

VPC: (in US East (Ohio))
Virtual Network:

I have the Cloud Provider setting set to “AWS” and I have “role” set for both “US East (Ohio) Access Key” and “US East (Ohio) Secret Key”. “Auto Route 53 Region” is disabled.

Getting the following error:

[evening-forest-5849][2024-01-24 21:15:25,340][ERROR] Failed to add vpc route
Traceback (most recent call last):
  File "/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/", line 1253, in reserve_route_advertisement
  File "/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/utils/", line 65, in add_vpc_route
    mdata = get_metadata()
  File "/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/utils/", line 35, in get_metadata
    instance_id = metadata['instance-id']
  File "/usr/lib/pritunl/usr/lib/python3.9/site-packages/boto/", line 275, in __getitem__
    return super(LazyLoadMetadata, self).__getitem__(key)
KeyError: 'instance-id'
  server_id   = "REDACTED"
  instance_id = "REDACTED"
  vpc_region  = null
  vpc_id      = null
  network     = ""

Haven’t found any more details in the log files.

I have also tested the above using an access id and secret for an admin account. Still get the same error.

Out of curiousity I tried this all on Oracle Linux 8.8 from the AMI author listed in the Pritunl docs. I get the following error instead:

[evening-plains-2491][2024-01-25 19:23:11,255][ERROR] Error in management socket thread
Traceback (most recent call last):
  File "/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/", line 317, in _socket_thread
  File "/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/", line 404, in connect
ConnectionRefusedError: [Errno 111] Connection refused
  server_id   = "REDACTED"
  instance_id = "REDACTED"
  socket_path = "/var/run/pritunl_65b2b51ec6b494f554542b0c.sock"

This is likely from the instance metadata options. In modify instance metadata options IMDSv2 must be set to optional.