I understood that external traffic is allowed through Ingress gateway to the services inside mesh. But how does the external request get authenticated at the Ingress gateway?
Consul ingress gateways are primarily intended for allowing off-mesh traffic within a controlled environment, such as an on-premise datacenter or corporate network, to reach services on the mesh, and don’t provide any authentication features at the entrypoint.
Consul API Gateway is designed to expose mesh services to the public internet, and is planned to include authentication functionality in the future, but does not have that ability yet.
1 Like