Docker on Windows File Sharing Blocked by Firewall

Question

TL;DR

From the docker container running on the VM I can ping all my host IPs (such as 10.10.10.1 and 172.24.185.209) but I can't ping 10.0.75.1. My guess is that once I can figure out why I can't reach the 10.0.75.1 network adapter the share issue will be resolved.

---

I have gone through this post that described the same issue and tried the various suggestions without success. I have tried the following:

1. Set the Docker interface to be private using the following:
   • Set-NetConnectionProfile -interfacealias "vEthernet (DockerNAT)" -NetworkCategory Private
2. Telnet'ed successfully to 10.0.75.1 445
3. Shared the c drive and checked that I could access it from \10.0.75.1\c
4. Turned-off the firewall for "Domain", "Public", "Private"
5. I tried to uninstall the "File and Printer Sharing for Microsoft Networks" for the "vEthernet (DockerNAT)" (to re-install as someone had suggested) but got the error: 0x80071779
   • This appears to be an issue in the windows version 1803
6. I then unchecked the "File and Printer Sharing for Microsoft Networks" for the "vEthernet (DockerNAT)" clicked "Ok" and then checked it back on.
7. I have reinstalled Docker for Windows a couple of times as well

I am using the following:

• Windows10 Version 1803 (OS Build 17134.285)
• Docker CE Version 18.06.1-ce-win73 (19507), Channel: Stable

Updated: 9/27/2018

I was trying to connect to the VM and poke around but it couldn't - it keeps saying "Video remoting was disconnected". But following this https://docker-saigon.github.io/post/Docker-Beta/#private-registries:ebf9573d6838c40027746e9d7482622a I ran a container on the VM and accessed the VM through it. I am running the container using the following so I have full access to the guest network (--net=host)

docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh

I have the following adapters on the host:

PS C:\WINDOWS\system32> ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : consilins2
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet 5:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : PANGP Virtual Ethernet Adapter #2
   Physical Address. . . . . . . . . : 02-50-41-00-00-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (Default Switch):

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 2C-15-60-80-CD-1B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (Default Switch) 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
   Physical Address. . . . . . . . . : 02-15-9F-19-92-4C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1d6e:1706:ba33:33a8%31(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.24.185.209(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.240
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 520099165
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-97-33-8D-9C-B6-D0-EC-24-55
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter vEthernet (DockerNAT):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #3
   Physical Address. . . . . . . . . : 00-15-5D-12-B3-04
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.75.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-B6-D0-EC-24-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : AE-B6-D0-EC-24-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Killer Wireless-n/a/ac 1535 Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B6-D0-EC-24-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::504d:580b:1452:d100%29(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.10.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 26, 2018 4:35:28 PM
   Lease Expires . . . . . . . . . . : Friday, September 28, 2018 6:28:00 AM
   Default Gateway . . . . . . . . . : 10.10.10.254
   DHCP Server . . . . . . . . . . . : 10.10.10.254
   DHCPv6 IAID . . . . . . . . . . . : 127710928
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-97-33-8D-9C-B6-D0-EC-24-55
   DNS Servers . . . . . . . . . . . : 10.10.10.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 9C-B6-D0-EC-24-56
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
PS C:\WINDOWS\system32>

I have the following adapters as seen from the docker container:

docker0   Link encap:Ethernet  HWaddr 02:42:DE:73:21:B4
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
          inet6 addr: fe80::42:deff:fe73:21b4/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:348 (348.0 B)

eth0      Link encap:Ethernet  HWaddr 02:50:00:00:00:01
          inet addr:192.168.65.3  Bcast:192.168.65.255  Mask:255.255.255.0
          inet6 addr: fe80::383b:a8ff:fe9f:2902/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1978 (1.9 KiB)

hvint0    Link encap:Ethernet  HWaddr 00:15:5D:12:B3:03
          inet addr:10.0.75.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::215:5dff:fe12:b303/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2896 errors:0 dropped:57 overruns:0 frame:0
          TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:550086 (537.1 KiB)  TX bytes:3128 (3.0 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:34 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:3228 (3.1 KiB)  TX bytes:3228 (3.1 KiB)

From the docker container running on the VM I can ping all my host IPs (such as 10.10.10.1 and 172.24.185.209) but I can't ping 10.0.75.1. My guess is that once I can figure out why I can't reach the 10.0.75.1 network adapter the share issue will be resolved.

I am hoping that this might be a better defined problem to solve. Again, any help would be appreciated.

Thanks,

Amit

Answer 1

TL;DR

I believe that there was another anti-virus that was running that was causing the blocked firewall issue

---

I decided to switch from using Windows Defender to Norton Antivirus to see if that would resolve the issue. When I tried to install Norton it complained that it could not remove a previously installed version of the AV and the installation aborted. As far as I knew the only AV I had on my system was Windows Defender. There was no evidence of any other AV running in the system tray. I checked the services list - I found an entry for Norton but it was not running. I am not sure if that entry existed before or it was created as part of the unsuccessful installation. Either way, I rebooted by computer and decided to try sharing the drive again and it worked. I was able to ping 10.0.75.1 and share the c drive without issue. My best guess is that there might have been a version of Norton running in the background which got cleaned-up when I tried to do a fresh install and allowed the files to be shared.

I wish I had better insight into the exact cause and the fix but it is working now. Thanks.