Ok, I’ve eventually figured it out also with the help of this thread: DNS Lookups on consul.service.consul when ACL set to deny? - #2 by telefax
What I was doing wrong was that I had a default token configured in the consul configuration file:
acl = {
enabled = true
default_policy = "deny"
enable_token_persistence = true
down_policy = "extend-cache"
tokens = {
default = "bd320011-d490-c54b-c3f9-bc01736d98d6"
agent = "bd320011-d490-c54b-c3f9-bc01736d98d6"
}
}
When commenting this out, it’s started working.
Thanks for the tip! 