I have analyzed some of the traffic with Wireshark while connected to my GL-AR750 (Wireguard Client connected).
While connected, I could see that in between mostly TLS 1.2 connection requests, there were some plaintext DNS and HTTP requests being sent, and the router connected to some domains, such as portal.actalis.it, various Microsoft owned domains, and others.
I could also see your domain name, which indicates that between my device and the router, the request is not being encrypted, so that falls under WPA2 password security I guess.
Is it normal to see plaintext data while connected to the router?
Is there a way to encrypt it in some form in the router’s options?
I have it configured as Wireguard client with my VPN provider.