When I use Cisco VPN AnyConnect to join my corporate network, I cannot get docker-machine to connect to my VirtualBox VM. It has something to do with Cisco AnyConnect taking over all 192.168.. routes. I also tried using a totally different CIDR range (25.0.1.100/24) but still cannot get docker-machine to talk to the VM. When I check the routes table, the route gets added to utun0 instead of vboxnet0. I'm assuming utun0 is the VPN's host network interface. Here is the docker-machine output:
docker-machine create -d virtualbox dev
Running pre-create checks...
Creating machine...
Waiting for machine to be running, this may take a few minutes...
Machine is running, waiting for SSH to be available...
Detecting operating system of created instance...
Provisioning created instance...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
WARNING >>>
This machine has been allocated an IP address, but Docker Machine could not
reach it successfully.
SSH for the machine should still work, but connecting to exposed ports, such as
the Docker daemon port (usually <ip>:2376), may not work properly.
You may need to add the route manually, or use another related workaround.
This could be due to a VPN, proxy, or host file configuration issue.
You also might want to clear any VirtualBox host only interfaces you are not using.
To see how to connect Docker to this machine, run: docker-machine env dev
I had a similar problem with IP conflicts on 192.168.x.x. I solved it by changing the subnet of the VirtualBox host-only network.
1) run docker-machine rm dev
2) Go into the VirtualBox preferences and remove the host-only network
3) run docker-machine create --driver virtualbox --virtualbox-hostonly-cidr "25.0.1.100/24" dev
There is also a discussion on GitHub here: https://github.com/docker/kitematic/issues/1029#issuecomment-156219462
I have the same issue and this post on docker at github.com solves it.
sudo ifconfig vboxnet0 down && sudo ifconfig vboxnet0 up
You also may want to use port 2377 as discussed here
If you have the option to run Cisco VPN in Split Tunnel (instead of Full Tunnel) mode, that seems to work well, while still allowing you to access your corporate network.
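A diagnostic for the route conflict this thread describes, added here as an example and not taken from any of the posts: it parses `netstat -rn -f inet` style output and reports which interface the longest-prefix route for the VM address uses. The routing table, the addresses in it and the function names are constructed for illustration, and the handling of abbreviated destinations (such as `192.168.99` for a /24) is an assumption about the macOS output format.

```python
import ipaddress

# Constructed sample of macOS `netstat -rn -f inet` output with a full-tunnel
# VPN connected (not captured from a real host).
SAMPLE_VPN_UP = """\
Destination        Gateway            Flags        Netif Expire
default            10.8.0.1           UGSc         utun0
default            192.168.1.1        UGScI          en0
127                127.0.0.1          UCS            lo0
192.168.1          link#4             UCS            en0
192.168/16         10.8.0.1           UGSc         utun0
192.168.99         10.8.0.1           UGSc         utun0
"""

def parse_dest(dest):
    """Turn a netstat destination into an ip_network.
    Assumption: omitted trailing octets are zero and, with no /len given,
    the prefix length is 8 bits per octet shown."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    plen = int(plen) if plen else 8 * len(octets)
    full = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{full}/{plen}", strict=False)

def parse_routes(text):
    """Return [(network, interface)] for every parseable IPv4 route line."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] == "Destination":
            continue
        try:
            routes.append((parse_dest(fields[0]), fields[3]))
        except ValueError:
            continue  # IPv6 or otherwise unparseable destination
    return routes

def iface_for(ip, routes):
    """Interface of the most specific route that contains ip, or None."""
    ip = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, ifc) for net, ifc in routes if ip in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None

def check_vm_route(ip, routes, expected_prefix="vboxnet"):
    """Return (interface, ok); ok is False when the VM is routed elsewhere."""
    ifc = iface_for(ip, routes)
    return ifc, ifc is not None and ifc.startswith(expected_prefix)
```

On a real host, pass the text of `netstat -rn -f inet` to `parse_routes` and the address from `docker-machine ip dev` to `check_vm_route`; a result naming `utun0` means traffic for the VM is being sent into the VPN tunnel.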