Website not reachable within docker container on wireguard VPN host

I have a super weird issue which I can reproduce. Most of my clients in my network at home are connected via WireGuard VPN with another system in another country and use this system as default gateway. No issues so far.

My QNAP NAS also uses this gateway for communication to the internet. Now I have set up a Docker container in my Container Station and the issue appears. For now, one specific website is not reachable anymore from inside of any Docker container on the QNAP.

curl --verbose
*   Trying
* Connected to ( port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: Connection reset by peer in connection to 
* Closing connection 0
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to

Same issue appears with wget/openssl s_client, etc., and yes, I can still reach every other website as usual.

If I turn off the VPN gateway in my QNAP and the communication uses my usual public IP, the issue for this one specific website disappears. I was able to reproduce this issue with a simple ubuntu:latest Docker container on my Manjaro, which is also using WireGuard. If I turn off WireGuard on Manjaro, the issue with the website inside the Docker container disappears.

I should also note that on every system with WireGuard VPN and VPN default gateway without Docker I can reach this specific website without any issues. It's only with the combination of both, and I don't even know what I could do to fix this issue.

Any suggestion on this issue? I can provide you any information if needed.


We are seeing similar problems, when connecting to Both when connecting using ssh and https.
Will test some more to see how widespread the issue is.

I was able to fix this issue by changing the MTU of the docker network adapter to 1420 instead of 1500.
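
The 1420 in the last post matches WireGuard's encapsulation overhead: 1500 minus 80 bytes over an IPv6 underlay gives 1420, which is also wg-quick's default tunnel MTU, while Docker bridges default to 1500. The script below is an added example, not code from anyone in this thread; it flags Docker bridges whose MTU is larger than the tunnel's, and assumes the tunnel interface is named wg0 and the bridges are docker0 or br-*.

```shell
#!/bin/sh
# Added example: flag Docker bridges whose MTU is larger than the WireGuard
# tunnel they route through. Interface names are assumptions: wg0 for the
# tunnel, docker0 / br-* for Docker's Linux bridges.

# Overridable so the check can run against a constructed directory tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Largest inner packet that fits in one underlay packet.
# Overhead = outer IP header (20 for IPv4, 40 for IPv6) + UDP (8)
#          + WireGuard data header (16) + Poly1305 tag (16).
wg_mtu() {  # usage: wg_mtu <underlay_mtu> <4|6>
    ip_hdr=20
    if [ "$2" = 6 ]; then ip_hdr=40; fi
    echo $(( $1 - $ip_hdr - 8 - 16 - 16 ))
}

read_mtu() { cat "$SYSFS_NET/$1/mtu"; }

# Print the name of every Docker bridge whose MTU exceeds the tunnel's.
oversized_bridges() {  # usage: oversized_bridges <tunnel_if>
    tun_mtu=$(read_mtu "$1") || return 2
    for dev in "$SYSFS_NET"/docker0 "$SYSFS_NET"/br-*; do
        [ -r "$dev/mtu" ] || continue   # skips an unmatched br-* glob too
        if [ "$(cat "$dev/mtu")" -gt "$tun_mtu" ]; then
            echo "${dev##*/}"
        fi
    done
    return 0
}

report() {  # usage: report <tunnel_if>; exit status 1 means a mismatch was found
    bad=$(oversized_bridges "$1") || { echo "cannot read MTU of $1" >&2; return 2; }
    if [ -z "$bad" ]; then
        echo "ok: no Docker bridge exceeds $1 (MTU $(read_mtu "$1"))"
        return 0
    fi
    for b in $bad; do
        echo "mismatch: $b has MTU $(read_mtu "$b"), tunnel $1 has $(read_mtu "$1")"
    done
    return 1
}

# Run only when a tunnel interface is named, e.g.: sh check_mtu.sh wg0
if [ -n "${1:-}" ]; then report "$1"; fi
```

On stock Docker the value can be set with the `mtu` key in /etc/docker/daemon.json for the default bridge, or with `-o com.docker.network.driver.mtu=1420` on `docker network create`. How QNAP Container Station exposes this setting is not covered in the thread.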