Docker containers in Windows host in LAN

Goal: Setting up some Docker containers in a Windows host that must be accessible within your LAN.

There are 2 ways to achieve this setup.

  • With a "bridge" network setup.
  • With a "NAT" network setup.

In this guide we will examine the second setup, since there are plenty of resources available for the first kind of setup already available.

A key concept to grasp for the "NAT" network setup, is the "layers" involved in the setup. More specifically, there is an extra layer between the physical Windows host and the Docker container, namely the virtual Linux host, since Docker containers in Windows run on a virtual Linux host within Virtualhost, and not directly on the Windows host.

Thus, the communication must follow this pattern:

"Client in LAN" => "Windows host" => "Virtual Linux host" => "Docker container".

In order to achieve this communication, we have to setup port forwarding for the communication of the Windows host to the virtual Linux host, in Virtualhost. An example can be seen in the provided picture.


In this setup, we have set an "ssh" rule that forwards ssh requests from port 2222 of the Windows host machine, to port 2222 of the virtual Linux host machine (a.k.a. "docker-machine". You can get the ip by executing "docker-machine ip default" in the "Docker Quickstart Terminal"). From that point on, the communication between the virtual Linux host machine and the Docker container must have already been declared with the "docker run" command


docker run -d -p 2222:22

or your docker-compose file


- "2222:22"

Of course, you have to adjust the preceding setup according to your needs (ips, ports, etc).