I have my services running in Docker Swarm and want to make the services accessible using my server's private IP. I already set up the WireGuard VPN and ufw rules so that when I am connected to the VPN, I can SSH to my server using the private IP, and it worked. But when it comes to the service, it failed (example: {private_ip}:9000). I set ufw rules, iptables and so on, but I still can't access my service using the private IP. Any suggestion on what I should configure? Does this conflict, since Docker Swarm manages its own networking and overrides iptables? If yes, then what is the workaround you guys suggest? Many thanks.
Hey!
I think the issue might be related to how Docker Swarm handles its own networking; it kind of overrides iptables and that might be interfering with your setup.
If your service isn't using `mode: host` for the published ports, I guess it could be why you can't access it over the private IP through WireGuard.
You might also need some extra routing or NAT rules to make traffic from the VPN subnet reach the service properly.
I’ve seen people use a reverse proxy on the host to get around this too. I’ve also been using this personally.
- Bobby
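
The `mode: host` setting mentioned in the answer above, shown as a stack file. This is an added example, not part of the original thread; the image name, the service name and the `vpn` node label are placeholders, and port 9000 is taken from the question.

```yaml
# Added example (not from the thread). Image, service name and node label
# are placeholders; adjust them to your own stack.
version: "3.8"

services:
  app:
    image: example/app:latest      # placeholder image listening on 9000
    ports:
      # The short form "9000:9000" publishes through the swarm ingress
      # routing mesh (mode: ingress), which is the default.
      # The long form below with mode: host binds the port directly on
      # the node that runs the task and bypasses the routing mesh.
      - target: 9000
        published: 9000
        protocol: tcp
        mode: host
    deploy:
      # Only one task per node can hold a host-mode port.
      replicas: 1
      placement:
        constraints:
          # A host-mode port exists only on nodes that run a task, so pin
          # the task to the node that carries the WireGuard private IP.
          # Label set beforehand with:
          #   docker node update --label-add vpn=true <node>
          - node.labels.vpn == true
```

Published ports are still handled by Docker's own iptables rules rather than ufw's; Docker documents the `DOCKER-USER` chain as the place to restrict which source addresses (for example the VPN subnet) may reach them.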