IngressRoute for kubernetes-dashboard gives 404

Traefik Traefik v3 (latest)
1

Hi all,
I have a configuration haproxy as load balancere installed externally to k8s cluster connect using tcp to traefik 3.0.
I successfully exposed traefik-dashboard using IngressRoute.
So i tried the following IngressRoute to kubernates-dashboard

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  entryPoints:
    - websecure  # <--- AGGIUNTO
  routes:
    - match: Host(`k8s-dash.local`) && PathPrefix(`/`)
      kind: Rule
      services:
        - name: kubernetes-dashboard
          port: 443

when i try this:

olindo@olindos-Mac-mini k8s-lab % curl -vk https://k8s-dash.local/
* Host k8s-dash.local:443 was resolved.
* IPv6: (none)
* IPv4: 192.168.1.2
*   Trying 192.168.1.2:443...
* Connected to k8s-dash.local (192.168.1.2) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=TRAEFIK DEFAULT CERT
*  start date: Jul 14 08:01:40 2025 GMT
*  expire date: Jul 14 08:01:40 2026 GMT
*  issuer: CN=TRAEFIK DEFAULT CERT
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://k8s-dash.local/
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: k8s-dash.local]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.7.1]
* [HTTP/2] [1] [accept: */*]
> GET / HTTP/2
> Host: k8s-dash.local
> User-Agent: curl/8.7.1
> Accept: */*
> 
* Request completely sent off
< HTTP/2 404 
< content-type: text/plain; charset=utf-8
< x-content-type-options: nosniff
< content-length: 19
< date: Tue, 15 Jul 2025 06:53:38 GMT
< 
404 page not found
* Connection #0 to host k8s-dash.local left intact
olindo@olindos-Mac-mini k8s-lab %

dashboard-service:

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
  annotations:
    meta.helm.sh/release-name: kubernetes-dashboard
    meta.helm.sh/release-namespace: kubernetes-dashboard
  creationTimestamp: "2025-07-14T07:22:48Z"
  labels:
    app.kubernetes.io/instance: kubernetes-dashboard
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: kong
    app.kubernetes.io/version: "3.8"
    enable-metrics: "true"
    helm.sh/chart: kong-2.46.0
  name: kubernetes-dashboard-kong-proxy
  namespace: kubernetes-dashboard
  resourceVersion: "3401112"
  uid: b97c66b2-9795-4cac-9959-2f35d8df5454
spec:
  clusterIP: 10.152.183.115
  clusterIPs:
  - 10.152.183.115
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - name: kong-proxy-tls
    port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: kubernetes-dashboard
    app.kubernetes.io/name: kong
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

The dashbord accesed by port-forward works like a charm.

Any suggestion?
Thanks
Olindo