Hello! I have a docker host (Docker version 20.10.12, build 20.10.12-0ubuntu4) that is running on a cloud VPS on its own. I’m trying to connect it back to my lab with an IPsec tunnel to manage it and use the services hosted on it. I seem to have a problem though. While the IPsec tunnel is working great for the host itself, none of my containers seem to be able to use it. When I use the tunnel to access my host or vice versa, the host always seems to use its loopback IP address. This makes sense and is preferred. The container traffic however, disappears. I can see it on the bridge but not across the IPsec tunnel. I think that this is because it’s not being NAT’d correctly but the iptables rules look good to me. Has anyone tried this before and got it working or have an idea what might fix it?
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- any !docker0 172.17.0.0/16 anywhere
36612 2237K MASQUERADE all -- any !br-ea752843c054 172.18.0.0/16 anywhere
0 0 MASQUERADE tcp -- any any 172.17.0.3 172.17.0.3 tcp dpt:9001
0 0 MASQUERADE tcp -- any any 172.18.0.2 172.18.0.2 tcp dpt:https
0 0 MASQUERADE tcp -- any any 172.18.0.2 172.18.0.2 tcp dpt:http
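Added check, not part of the post above. It assumes a policy-based (xfrm) IPsec tunnel, where the nat POSTROUTING chain is consulted before the IPsec policy lookup: if Docker's MASQUERADE rule rewrites the container source to the host's public address first, the packet no longer matches the tunnel selectors and is sent in the clear or dropped. The script reports whether a `-m policy --dir out --pol ipsec` exception precedes the MASQUERADE rule for a given bridge subnet; the rule listings inside it are constructed to resemble the post's output.

```shell
#!/bin/sh
# Constructed `iptables -t nat -S POSTROUTING` listings (not copied from the post).
# SAMPLE_MISSING mirrors the post: Docker's MASQUERADE rules with no IPsec exception.
SAMPLE_MISSING='-P POSTROUTING ACCEPT
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.18.0.0/16 ! -o br-ea752843c054 -j MASQUERADE
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 443 -j MASQUERADE'

# SAMPLE_FIXED adds an exception for one bridge subnet ahead of its MASQUERADE rule.
SAMPLE_FIXED='-P POSTROUTING ACCEPT
-A POSTROUTING -s 172.18.0.0/16 -m policy --dir out --pol ipsec -j ACCEPT
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.18.0.0/16 ! -o br-ea752843c054 -j MASQUERADE'

# ipsec_nat_check SUBNET RULES
# Prints:
#   ok          - an IPsec policy exception for SUBNET precedes its MASQUERADE rule
#   masqueraded - SUBNET is masqueraded before any IPsec exception (tunnel traffic
#                 leaves with the host's source address, not the container's)
#   no-masq     - no subnet-wide MASQUERADE rule for SUBNET exists at all
ipsec_nat_check() {
    subnet=$1
    rules=$2
    printf '%s\n' "$rules" | awk -v net="$subnet" '
        # Only look at -A rules whose source is exactly the requested subnet.
        $1 == "-A" && index($0, "-s " net " ") {
            # Exception counts only if it is seen before the MASQUERADE rule.
            if (/-m policy --dir out --pol ipsec/ && /-j (ACCEPT|RETURN)/ && !masq) exc = 1
            # Ignore per-port hairpin rules (they carry a -d match); flag subnet-wide masq.
            if (/-j MASQUERADE/ && !/-d /) masq = 1
        }
        END {
            if (!masq) print "no-masq"
            else if (exc) print "ok"
            else print "masqueraded"
        }'
}

# Demo run over the constructed listings; on a live host use:
#   ipsec_nat_check 172.18.0.0/16 "$(iptables -t nat -S POSTROUTING)"
for net in 172.17.0.0/16 172.18.0.0/16; do
    printf '%s before: %s  after: %s\n' "$net" \
        "$(ipsec_nat_check "$net" "$SAMPLE_MISSING")" \
        "$(ipsec_nat_check "$net" "$SAMPLE_FIXED")"
done
```

Compare the reported state with `tcpdump -ni <wan-if> esp` while a container pings the lab: if the check says `masqueraded`, the packet source has already been rewritten before the xfrm lookup, which matches the symptom of bridge traffic never reaching the tunnel.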