Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

0 votes
151 views
in Technique by (71.8m points)

java - docker-compose creates a network which is not inside the company's VPN

Intro

  • I have a microservice running inside a docker container.
  • The docker container is running on the company's server (Debian 10).
  • The server's IP address is 141.45.146.55.
  • The company's IP addresses are of the form 141.45.0.0/16 (see the iptables rules below).
  • This microservice needs to talk with another server with the following IP address: 141.45.11.192.

Problem

Everything works fine, until I turn on the following VPN:

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  141.45.0.0/16        anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8443 state NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8636 state NEW,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (0 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             172.18.0.2           tcp dpt:postgresql
ACCEPT     tcp  --  anywhere             172.18.0.3           tcp dpt:https
ACCEPT     tcp  --  anywhere             172.18.0.4           tcp dpt:https
ACCEPT     tcp  --  anywhere             172.18.0.5           tcp dpt:https

Chain DOCKER-ISOLATION-STAGE-1 (0 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-2 (0 references)
target     prot opt source               destination

Chain DOCKER-USER (0 references)
target     prot opt source               destination

The microservice now throws an exception: Caused by: java.net.ConnectException: Connection timed out

What I did so far

Looking at the iptables rules, we can see that the network addresses created by docker-compose are different from the IP addresses of the company. So I think that's the point, because if I am outside the company's network I am not able to connect with the aimed server.

Question

How to configure docker(-compose) and/or the firewall to be inside the company's VPN, in order to be accepted by the "another server"?

question from:https://stackoverflow.com/questions/65925327/docker-compose-creates-a-network-which-is-not-inside-the-companys-vpn
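
Added example, not part of the original question: a Python sketch that parses an abridged, constructed copy of the listing above and reports which chains have zero references (nothing jumps to them, so their rules are never evaluated) and which rule addresses fall outside 141.45.0.0/16. The function names are hypothetical, and numeric `iptables -L -n` output is assumed so that addresses are not shown as hostnames.

```python
import ipaddress
import re
# Constructed sample: abridged copy of the `iptables -L` listing in the question.
LISTING = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  141.45.0.0/16        anywhere

Chain DOCKER (0 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             172.18.0.2           tcp dpt:postgresql
ACCEPT     tcp  --  anywhere             172.18.0.3           tcp dpt:https
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\w+)|(\d+) references)\)")

def parse_chains(text):
    """Map chain name -> policy, reference count and rules from `iptables -L` text."""
    chains, current = {}, None
    for line in text.splitlines():
        header = CHAIN_RE.match(line)
        if header:
            name, policy, refs = header.groups()
            current = {"policy": policy, "refs": int(refs) if refs else None, "rules": []}
            chains[name] = current
        elif current is not None and line.strip() and not line.startswith("target"):
            fields = line.split(None, 5)  # target prot opt source destination [extra]
            current["rules"].append({"source": fields[3], "destination": fields[4]})
    return chains

def unreferenced(chains):
    """User-defined chains that no rule jumps to; their rules are never evaluated."""
    return [name for name, chain in chains.items() if chain["refs"] == 0]

def outside(chains, allowed_cidr):
    """Rule addresses that are not inside allowed_cidr, as (chain, field, network)."""
    allowed, found = ipaddress.ip_network(allowed_cidr), []
    for name, chain in chains.items():
        for rule in chain["rules"]:
            for field, value in rule.items():
                try:
                    net = ipaddress.ip_network(value, strict=False)
                except ValueError:  # "anywhere" or a resolved hostname
                    continue
                if not net.subnet_of(allowed):
                    found.append((name, field, str(net)))
    return found

if __name__ == "__main__":
    print(unreferenced(parse_chains(LISTING)), outside(parse_chains(LISTING), "141.45.0.0/16"))
```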


1 Reply

0 votes
by (71.8m points)
Waiting for answers
