- I have a microservice running inside a docker container.
- The docker container is running on the company’s server (Debian 10) with the IP address 220.127.116.11.
- The company’s IP addresses are of the form 18.104.22.168/16 (see the iptables rules below).
- This microservice needs to talk with another server with the following IP address: 22.214.171.124.
Everything works fine, until I turn on the following VPN:
```
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  126.96.36.199/16     anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8443 state NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8636 state NEW,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (0 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             172.18.0.2           tcp dpt:postgresql
ACCEPT     tcp  --  anywhere             172.18.0.3           tcp dpt:https
ACCEPT     tcp  --  anywhere             172.18.0.4           tcp dpt:https
ACCEPT     tcp  --  anywhere             172.18.0.5           tcp dpt:https

Chain DOCKER-ISOLATION-STAGE-1 (0 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-2 (0 references)
target     prot opt source               destination

Chain DOCKER-USER (0 references)
target     prot opt source               destination
```
The microservice now throws an exception:
Caused by: java.net.ConnectException: Connection timed out
What I did so far
Looking at the iptables rules we can see that the network addresses created by docker-compose are different from the IP addresses of the company. So I think that’s the point, because if I am outside the company’s network I am not able to connect with the aimed server.
How do I configure docker(-compose) to be inside the company’s VPN, in order to be accepted by the remote server?
Source: Docker Questions