Directly accessing eth0 when using Docker while Cisco AnyConnect Secure Mobility Client is providing a VPN tunnel

Question

When VPN is active, all the traffic seems to be tunneled through csctun0.

Using a VirtualBox I am able to set up a "network bridge" to eth0, which seems to completely ignore the manipulations made by Cisco's software. The VirtualBox directly connects to my local network and accesses local network devices and the internet directly.

I want to achieve the same with Docker containers, but the Docker's bridge seems to work differently.

What is necessary to let a Docker container bypass Cisco's tunnel like a VirtualBox does?

Edit: I tried to use "macvlan" and followed the instructions on http://hicu.be/docker-networking-macvlan-bridge-mode-configuration but fail when I trying to send pings to the local gateway:

# docker exec -ti container0 ping -c 4 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: Destination Host Unreachable
64 bytes from 10.0.0.1: Destination Host Unreachable
64 bytes from 10.0.0.1: Destination Host Unreachable
64 bytes from 10.0.0.1: Destination Host Unreachable
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss

Answer 1

Why not prevent you VPN from taking over your entire connection ? Just disable the use of default gateway on remote network for the VPN connection and Docker should correctly work by default (via eth0).

Additionally, you can use the routing command to dictate the route taken in different scenarios (example: when VPN is active).