Unable to authorize against external vault

Hi everyone,

I have been trying to follow the new guide: https://learn.hashicorp.com/vault/getting-started-k8s/external-vault
I have a vault instance running at https://vault.example.com, it is deployed with docker, with nginx as a reverse proxy.

From the guide I deploy this:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: internal-app


apiVersion: apps/v1
kind: Deployment
metadata:
  name: devwebapp
  labels:
    app: devwebapp
spec:
  replicas: 1
  selector:
    matchLabels:
      app: devwebapp
  template:
    metadata:
      labels:
        app: devwebapp
    spec:
      serviceAccountName: internal-app
      containers:
      - name: app
        image: burtlo/devwebapp-ruby:k8s
        imagePullPolicy: Always
        env:
        - name: VAULT_ADDR
          value: "https://vault.example.com"

Afterwards I; helm install vault, configure kubernetes auth and patch the above deployment. (Done as described in the guide)

However my init container throws this error:

2020-03-15T08:28:35.616Z [INFO]  auth.handler: authenticating
2020-03-15T08:28:35.865Z [ERROR] auth.handler: error authenticating: error="Error making API request.

URL: PUT https://vault.example.com/v1/auth/kubernetes/login
Code: 403. Errors:

* permission denied" backoff=1.258412683

If I check the logs of my external vault, I see this:

[ERROR] auth.kubernetes.auth_kubernetes_7fbc8b57: login unauthorized due to: Post https://127.0.0.1:32768/apis/authentication.k8s.io/v1/tokenreviews: dial tcp 127.0.0.1:32768: connect: connection refused

Does anyone have an idea, where my setup is wrong?
I can access the external vault through the web ui, vault cli and with curl without any problems. It seems that only the kubernetes auth is causing issues.

Thanks!
/Christian