How can I connect to a VPN in docker not using VPN images?

I haven't used Docker on Windows, but a quick look at some VPN containers shows that, in *nix at least, they use --device /dev/net/tun --cap-add=NET_ADMIN to expose the VPN "device" to the container. Other containers then use docker networking or links to connect to this VPN container - so looking at how the VPN containers do it might be helpful.

One suggestion for Mac seems to be using extra_hosts like so:

extra_hosts:
  - "vpn.company.com:172.21.1.1"

You might be able to hack it with something like that. (or physically adding 172.21.1.1 vpn.company.com to /etc/hosts in the container). Also, checking for IP address conflicts between the Docker daemon and your host machine.

Windows docs seem to suggest they don't support network interfaces as "devices", so you probably need to either create a very specific docker network or modify host networking settings, starting with getting Docker daemon to recognize the VPN network.

See the Configure Advanced Networking section for some examples. I'd try creating a network associated with the VPN device first, then look into flags like --subnet and --gateway.

docker network create -d transparent \
    -o com.docker.network.windowsshim.interface="Ethernet 2" TransparentNet2

This creates a network with a particular subnet and gateway, then runs a container with a statically-assigned IP on that network.

C:\> docker network create -d transparent \
    --subnet=10.123.174.0/23 \
    --gateway=10.123.174.1 MyTransparentNet

C:\> docker run -it --network=MyTransparentNet \
    --ip=10.123.174.105 windowsservercore cmd

Good luck!