Home

Forums

Stories

Knowledge Base

Home Network Community > Deco > DNS Leak with WireGuard on Deco BE95

< Deco

DNS Leak with WireGuard on Deco BE95

AnyArmato

a week ago

Posts: 20

Helpful: 18

Solutions: 0

Stories: 0

Registered: 2024-03-28

DNS Leak with WireGuard on Deco BE95

a week ago

Model: Deco BE95

Hardware Version:

Firmware Version:

I’m using WireGuard on my Deco BE95 with Surfshark VPN, and I’m seeing DNS leaks on tests, even though:

WireGuard DNS is set to 194.169.169.169
AllowedIPs = 0.0.0.0/0
“Exclude private IPs” is off
IPv6 is disabled
Deco WAN IPv4 DNS is also set to 194.169.169.169

Testing the same WireGuard config directly on my iPhone does not leak DNS. This indicates the leak is caused by the BE95 firmware — system-level DNS queries (mesh, device discovery, or router services) are bypassing the VPN DNS.

I’ve rebooted, toggled WireGuard, and double-checked all settings — the leak persists.

Request: Can TP-Link provide a fix or guidance to ensure all DNS queries on the BE95 go through WireGuard, fully respecting the DNS setting?

Thanks!

2 Reply

David-TP

Tuesday

Posts: 16800

Helpful: 2454

Solutions: 2643

Stories: 9

Registered: 2020-04-14

Re:DNS Leak with WireGuard on Deco BE95

Tuesday

@AnyArmato

Hi, can I have the firmware version of the Deco BE95?

For the DNS leaks, did it specifically refer to the ISP DNS?

How do you notice there were DNS leaks? do you save any logs or screenshots?

If you do, it would be highly appreciated if you could send an email to forumsupport.usa@tp-link.com and attach these details so that our senior engineer can help us run further tests.

Subject: [Forum Escalation][ID 849892] DNS Leak with WireGuard on Deco BE95

Thank you very much.

Best regards.

▶Check What's Currently Going on With Deco ▶Deco X50_V1_1.8.0 Significantly Expanded the Client Connection Details and Added Channel Selection ▶Deco X50/X55_V1.3_1.3.1 Introduced Channel Selection, WiFi Access Control and WireGuard VPN ▶Deco BE65/BE65 Pro 1.2.0 Enhanced Mesh Network Stability and System Security ▶Deco BE75 1.1.0 Added WireGuard VPN, Manual Channel Selection and More Try to leave a Message if urgent help is required.

AnyArmato

LV2

Tuesday - last edited Tuesday

Posts: 20

Helpful: 18

Solutions: 0

Stories: 0

Registered: 2024-03-28

Re:DNS Leak with WireGuard on Deco BE95

Tuesday - last edited Tuesday

0e1a1b23d48144f4aa5da5bf06122805

@David-TP The BE95 isn't following DNS rules and is bypassing the VPN DNS, which is causing the leak. This can be shown on sites like dnsleak and even SurfSharks DNS leak checker. I don't have a screenshot of that at the moment while I'm at the office.

DNS Leak with WireGuard on Deco BE95

DNS Leak with WireGuard on Deco BE95

Information

Voters 1

Tags