Cisco Anyconnect Docker Networking



One of my favorite applications for bypassing filters is Cisco AnyConnect. I like it because it relays traffic between clients and servers like OpenSSH and HTTPS. This way, the government can't distinguish between AnyConnect traffic and HTTPS; as a result, they can't block AnyConnect traffic unless they block all HTTPS traffic. Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, highly secure access to the enterprise network from any device, at any time, in any location while protecting the organization.

Started using docker at work again.

All the previous work is almost outdated and the old scripts are broken. Been getting issues all over the place.

Normally, I connect remotely over VPN using Cisco's AnyConnect Client.

Big one is not being able to connect to the docker-machine (on Windows) while connected to work's corporate network. `docker-compose` cannot connect to the docker containers. Error message is similar to:

This machine has been allocated an IP address, but Docker Machine could not reach it successfully. SSH for the machine should still work, but connecting to exposed ports, such as the Docker daemon port (usually <ip>:2376), may not work properly. You may need to add the route manually, or use another related workaround. This could be due to a VPN, proxy, or host file configuration issue.

Only solution I found that works is to port-forward then explicitly set the DOCKER_HOST. This causes cert issues that can be overcome with env vars.

Using `docker-compose` to manage the containers, I couldn't get `--tls-verify` to do anything.

VBoxManage modifyvm 'default' --natpf1 'docker,tcp,,2376,,2376'

$env:DOCKER_HOST='tcp://127.0.0.1:2376'

$env:DOCKER_TLS_VERIFY=''  # empty value turns off verification of the daemon's TLS certificate

docker-compose up
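
A defender-side check for the workaround above, as an added example that is not from the original post: it parses `VBoxManage showvminfo default --machinereadable` output together with the Docker client environment and reports where the daemon port is forwarded beyond loopback or the server certificate goes unverified. The sample VM info and environment are constructed, and the function names are hypothetical.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed sample of `VBoxManage showvminfo default --machinereadable` output.
SAMPLE_VMINFO = '''name="default"
nic1="nat"
Forwarding(0)="ssh,tcp,127.0.0.1,50222,,22"
Forwarding(1)="docker,tcp,,2376,,2376"
'''

# Constructed client environment matching the workaround on this page.
SAMPLE_ENV = {"DOCKER_HOST": "tcp://127.0.0.1:2376", "DOCKER_TLS_VERIFY": ""}


def parse_forwards(vminfo):
    """Yield (name, proto, host_ip, host_port, guest_ip, guest_port) per NAT rule."""
    for line in vminfo.splitlines():
        key, _, value = line.partition("=")
        if key.startswith("Forwarding("):
            fields = value.strip().strip('"').split(",")
            if len(fields) == 6:
                yield tuple(fields)


def is_loopback(host):
    """True for 127.0.0.0/8, ::1 or the name localhost; an empty host is not loopback."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host == "localhost"


def audit(vminfo, env, daemon_port="2376"):
    """Return a list of findings for the NAT rules and Docker client settings."""
    findings = []
    for name, _proto, host_ip, host_port, _gip, guest_port in parse_forwards(vminfo):
        # An empty host IP makes VirtualBox listen on every host interface.
        if guest_port == daemon_port and not is_loopback(host_ip):
            findings.append(f"NAT rule '{name}' exposes the daemon port on "
                            f"{host_ip or 'all host interfaces'}:{host_port}")
    url = urlparse(env.get("DOCKER_HOST", ""))
    if url.scheme == "tcp" and not env.get("DOCKER_TLS_VERIFY"):
        scope = "loopback" if is_loopback(url.hostname or "") else "non-loopback"
        findings.append("DOCKER_TLS_VERIFY is empty: server certificate is not "
                        f"verified for {scope} endpoint {url.netloc}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_VMINFO, SAMPLE_ENV):
        print("FINDING:", finding)
```
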