Why docker container can access Windows host service but WSL cannot?


I have some web api services running on my Windows host. I have opened all the necessary ports on the firewall.

Without my company VPN, WSL can access the service as expected. After I connected to my company VPN, when I tried to access the services from WSL using curl, like curl http://host.docker.internal:123, I got a connection refused error. But from a docker container, the same curl command works.

I wonder why the VPN settings can affect WSL but not the containers.