diff --git a/charts/consul/templates/connect-inject-deployment.yaml b/charts/consul/templates/connect-inject-deployment.yaml
index 2b52c1b81c..266a1cb76a 100644
--- a/charts/consul/templates/connect-inject-deployment.yaml
+++ b/charts/consul/templates/connect-inject-deployment.yaml
@@ -257,6 +257,9 @@ spec:
                 {{- if and .Values.global.tls.enabled .Values.global.tls.enableAutoEncrypt }}
                 -enable-auto-encrypt \
                 {{- end }}
+                {{- if .Values.global.enableTelemetryCollector }}
+                -enable-telemetry-collector \
+                {{- end }}
           startupProbe:
             httpGet:
               path: /readyz/ready
diff --git a/control-plane/connect-inject/controllers/endpoints/endpoints_controller.go b/control-plane/connect-inject/controllers/endpoints/endpoints_controller.go
index 13f75f1156..584abd48c6 100644
--- a/control-plane/connect-inject/controllers/endpoints/endpoints_controller.go
+++ b/control-plane/connect-inject/controllers/endpoints/endpoints_controller.go
@@ -44,9 +44,10 @@ const (
 	terminatingGateway = "terminating-gateway"
 	ingressGateway     = "ingress-gateway"
 
-	kubernetesSuccessReasonMsg = "Kubernetes health checks passing"
-	envoyPrometheusBindAddr    = "envoy_prometheus_bind_addr"
-	defaultNS                  = "default"
+	kubernetesSuccessReasonMsg           = "Kubernetes health checks passing"
+	envoyPrometheusBindAddr              = "envoy_prometheus_bind_addr"
+	envoyTelemetryCollectorBindSocketDir = "envoy_telemetry_collector_bind_socket_dir"
+	defaultNS                            = "default"
 
 	// clusterIPTaggedAddressName is the key for the tagged address to store the service's cluster IP and service port
 	// in Consul. Note: This value should not be changed without a corresponding change in Consul.
@@ -119,6 +120,10 @@ type Controller struct {
 	// to Consul client agents.
 	EnableAutoEncrypt bool
 
+	// EnableTelemetryCollector controls whether the proxy service should be registered
+	// with config to enable telemetry forwarding.
+	EnableTelemetryCollector bool
+
 	MetricsConfig metrics.Config
 	Log           logr.Logger
 
@@ -482,6 +487,10 @@ func (r *Controller) createServiceRegistrations(pod corev1.Pod, serviceEndpoints
 		proxyConfig.Config[envoyPrometheusBindAddr] = prometheusScrapeListener
 	}
 
+	if r.EnableTelemetryCollector {
+		proxyConfig.Config[envoyTelemetryCollectorBindSocketDir] = "/consul/connect-inject"
+	}
+
 	if consulServicePort > 0 {
 		proxyConfig.LocalServiceAddress = "127.0.0.1"
 		proxyConfig.LocalServicePort = consulServicePort
@@ -761,6 +770,10 @@ func (r *Controller) createGatewayRegistrations(pod corev1.Pod, serviceEndpoints
 		}
 	}
 
+	if r.EnableTelemetryCollector {
+		service.Proxy.Config[envoyTelemetryCollectorBindSocketDir] = "/consul/service"
+	}
+
 	serviceRegistration := &api.CatalogRegistration{
 		Node:    common.ConsulNodeNameFromK8sNode(pod.Spec.NodeName),
 		Address: pod.Status.HostIP,
diff --git a/control-plane/subcommand/inject-connect/command.go b/control-plane/subcommand/inject-connect/command.go
index c7c04dd481..671a15f7cd 100644
--- a/control-plane/subcommand/inject-connect/command.go
+++ b/control-plane/subcommand/inject-connect/command.go
@@ -118,6 +118,9 @@ type Command struct {
 
 	flagEnableAutoEncrypt bool
 
+	// Consul telemetry collector
+	flagEnableTelemetryCollector bool
+
 	// Consul DNS flags.
 	flagEnableConsulDNS bool
 	flagResourcePrefix  string
@@ -203,6 +206,8 @@ func (c *Command) init() {
 		"Enables updating the CABundle on the webhook within this controller rather than using the web cert manager.")
 	c.flagSet.BoolVar(&c.flagEnableAutoEncrypt, "enable-auto-encrypt", false,
 		"Indicates whether TLS with auto-encrypt should be used when talking to Consul clients.")
+	c.flagSet.BoolVar(&c.flagEnableTelemetryCollector, "enable-telemetry-collector", false,
+		"Indicates whether proxies should be registered with configuration to enable forwarding metrics to consul-telemetry-collector")
 	c.flagSet.StringVar(&c.flagLogLevel, "log-level", zapcore.InfoLevel.String(),
 		fmt.Sprintf("Log verbosity level. Supported values (in order of detail) are "+
 			"%q, %q, %q, and %q.", zapcore.DebugLevel.String(), zapcore.InfoLevel.String(), zapcore.WarnLevel.String(), zapcore.ErrorLevel.String()))
@@ -449,6 +454,7 @@ func (c *Command) Run(args []string) int {
 		ReleaseName:                c.flagReleaseName,
 		ReleaseNamespace:           c.flagReleaseNamespace,
 		EnableAutoEncrypt:          c.flagEnableAutoEncrypt,
+		EnableTelemetryCollector:   c.flagEnableTelemetryCollector,
 		Context:                    ctx,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", endpoints.Controller{})