Plaintext HTTP and DNS requests from computer to VPN router

Hi.

I have analyzed some of the traffic with Wireshark while connected to my GL-AR750 (Wireguard Client connected).

While connected, I could see that in between mostly TLS 1.2 connection requests, there were some plaintext DNS and HTTP requests being sent, and the router connected to some domains, such as portal.actalis.it, various Microsoft owned domains, and others.

I could also see your domain name, which indicates that between my device and the router, the request is not being encrypted, so that falls under WPA2 password security I guess.

Is it normal to see plaintext data while connected to the router?
Is there a way to encrypt it in some form in the router’s options?

I have it configured as Wireguard client with my VPN provider.

Thank you!

I think portal.actalis.it and Microsoft domain connection are from your windows, not the router.

Once it goes to the router, it will go encrypted via Wireguard.

Yes it is normal to see plaintext data from your pc to the router. It is local connection so there is no man-in-the-middle. Also if you do not want to see plaintext connection, you should set up vpn on your pc.

The router encrypt its data via Wireguard to the vpn provider. It is on the Internet side, not LAN side.

Also, pls try to “override all dns request” and use encrypted DNS on the router so that your DNS is not leaked.