FAQ | This is a LIVE service | Changelog

Skip to content

Add howto get docker containers to connect to the VPN on linux

On Ubuntu (and probably any other linux) if you need to connect a container from docker-compose to the CUDN VPN then you need to change your source IP for your VPN address as the packets leave the docker network using

Get your net interface

sudo ip route show | grep -e "^default" | awk -- "{ print \$5 }"

List the docker networks on your system

docker network ls

Find the network you are using

docker network inspect ${name of docker net} | grep "Subnet"

Get the IP the VPN has given you using

ip addr show ${your net interface}

You will need to find the IP of the host you want to connect to on the cudn eg ocm.admin.cam.ac.uk is 131.111.150.40/32 (/32 because it is a single host) Add the IPtables rule

iptables -j SNAT \
  -t nat -I POSTROUTING 1 \
  -o ${your net interface} \
  -d "${your CUDN destination it CIDR}" \
  -s "${the subnet of your compose network}" \
  --to-source "${the IP you have been given by the VPN}"```