We are trying to set up our Strimzi Kafka to work with Traefik as an ingress controller. To do so, we have configured the listeners as type ingress, and also defined an ingress-route-tcp resource.
Even after this, we are facing issues connecting to Kafka from our clients outside of the Kubernetes cluster. Below is the configuration that we are using:
Strimzi configuration:
```yaml
apiVersion: kafka.strimzi.io/v1beta2
kind: Kafka
metadata:
  name: kafka-cluster
  labels:
spec:
  clientsCa:
    generateCertificateAuthority: true
  kafka:
    authorization:
      type: simple
    listeners:
      - name: oauth
        port: 9094
        type: ingress
        tls: true
        configuration:
          bootstrap:
            host: kafka-bootstrap.example.com
            advertisedHost: kafka-bootstrap.example.com
            advertisedPort: 9094
            annotations:
              external-dns.alpha.kubernetes.io/hostname: kafka-bootstrap.example.com
              external-dns.alpha.kubernetes.io/ttl: "60"
            alternativeNames:
              - kafka-bootstrap.example.com
          brokers:
            - broker: 0
              host: kafka-broker-0.example.com
              advertisedHost: kafka-broker-0.example.com
              advertisedPort: 9094
              annotations:
                external-dns.alpha.kubernetes.io/hostname: kafka-broker-0.example.com
                external-dns.alpha.kubernetes.io/ttl: "60"
              advertisedHost: kafka-broker-0.example.com
          brokerCertChainAndKey:
            secretName: secret-name
            certificate: tls.crt
            key: tls.key
```
Our ingress route tcp is configured as below:
```yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: kafka-ingress
spec:
  entryPoints:
    - oauth
  routes:
    - match: HostSNI(`kafka-bootstrap.example.com`)
      services:
        - name: kafka-oauth-bootstrap
          port: 9094
    - match: HostSNI(`kafka-broker-0.example.com`)
      services:
        - name: kafka-oauth-0
          port: 9094
  tls:
    secretName: secret-name
    passthrough: true
```
I am trying to test this route now, using a Java client that I am running from my local machine. I am using the bootstrap server value: kafka-bootstrap.example.com:9094
However, when I do this, I am not able to establish a connection to my service, and keep getting the below error:
```
Bootstrap broker kafka-bootstrap.example.com:9094 (id: -1 rack: null) disconnected
```
Am I missing some configuration here which is causing this issue? Do I need to change some port configuration or something else which will help me fix this?
Edit: Added k8s service information.
```
kafka-oauth-0           ClusterIP   x.x.x.x   <none>   9094/TCP   29m
kafka-oauth-bootstrap   ClusterIP   x.x.x.x   <none>   9094/TCP   29m
```