Preliminary checklist

• I am using the latest stable version of DDEV (see upgrade guide)
• I have searched existing issues
• I have checked the troubleshooting guide
• I have run ddev debug test to include output below

Output of ddev debug test

Following the Special Network Configurations documentation, I was advised to report this issue, even though it may be more of a Docker problem than a DDEV-specific one.
Reference: https://bsky.app/profile/ddev.bsky.social/post/3lmu22xsvwk2u

In our company setup, developers use Linux machines where Docker runs natively (not via WSL). We are also required to use a restrictive corporate VPN (Pulse Secure) when working remote, which appears to interfere with Docker’s ability to create or use its own virtual network interfaces.

Issue

When running ddev start, the command eventually fails with a timeout. The container does not start properly. From what we’ve observed, this seems to be caused by Docker being unable to bind its internal network while the VPN is active. Same if I activate the VPN on a running project, accessing the project in the browser will lead to a timeout as ddev_default network is not accessible.

ddev start
Network ddev_default created

This might be due to:

• The VPN locking down network namespaces

• Docker’s reliance on bridge networks that conflict with VPN routing rules or network interfaces.

• The VPN disallowing traffic that originates from or is routed through Docker's bridge network.

Workaround

As a workaround, we typically switch to podman and run containers using --network host, which bypasses Docker-style bridge networking and allows things to work as expected under the VPN. But in this case we are out of ddev world!

Question / Suggestion

While this might be a Docker-level limitation, perhaps a short note in the DDEV documentation could help others facing similar setups (especially in enterprise environments with VPNs that lock down networking).

======== docker version ========
Client: Docker Engine - Community
 Version:           28.0.1
 API version:       1.48
 Go version:        go1.23.6
 Git commit:        068a01e
 Built:             Wed Feb 26 10:41:08 2025
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          28.0.1
  API version:      1.48 (minimum version 1.24)
  Go version:       go1.23.6
  Git commit:       bbd0a17
  Built:            Wed Feb 26 10:41:08 2025
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.25
  GitCommit:        bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
 runc:
  Version:          1.2.4
  GitCommit:        v1.2.4-0-g6c52b3f
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0


======== DDEV version ========
 ITEM             VALUE
 DDEV version     v1.24.4
 architecture     amd64
 cgo_enabled      0
 db               ddev/ddev-dbserver-mariadb-10.11:v1.24.4
 ddev-ssh-agent   ddev/ddev-ssh-agent:v1.24.4
 docker           28.0.1
 docker-api       1.48
 docker-compose   v2.34.0
 docker-platform  linux-docker
 global-ddev-dir  /home/k6r2j9/.ddev
 go-version       go1.23.7
 mutagen          0.18.1
 os               linux
 router           ddev/ddev-traefik-router:v1.24.4
 web              ddev/ddev-webserver:v1.24.4
 xhgui-image      ddev/ddev-xhgui:v1.24.4

Expected Behavior

Able to access a project while the VPN is active

Actual Behavior

Timeout

Steps To Reproduce

No response

Anything else?

No response