Docker Subnet Can't Reach WAN
-
Hello,
I have a DMZ setup (10.10.1.0/24) on a specific port (the guest is running on ESXi) on my pfSense. All that is running great, but an app/service provided by Docker can't reach any hosts. It looks like the app provided uses 172.17.0.0/24 and 172.20.0.0/24 for their Docker range but is using said range to contact pfSense.
pfSense decides to block the traffic despite my best efforts to allow these connection attempts. I'm assuming it's because the pfSense interface IP is 10.10.1.1 and no other source subnet traffic is allowed.
I can't change the internals of the app for obvious reasons but was expecting to be able to allow other sources via rules. What's the best solution here?
Routing table attached:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.10.1.1       0.0.0.0         UG    0      0        0 ens192
10.10.1.0       0.0.0.0         255.255.255.0   U     0      0        0 ens192
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.20.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker_gwbridge