I am new to Qubes and am trying to get my system setup so that I can start using it. I am having trouble updating my Debian 10 template through the qubes manager. I am using a VPN service, my setup is sys-net->sys-firewall->vpn->vpn-firewall. My qubes.UpdatesProxy files looks precisely like this for template VMs, spaces and all:
#Default rule for all TemplateVMs- direct the connection to sys-net
$type:TemplateVM $default allow,target=vpn-firewall
I deleted all my whonix vms and templates and commented out the rules for these. I do not trust Tor network for security.
I searched through a lot of previous posts on this matter and tried to enable tinyproxy and qubes-updates-proxy in the services tab of vpn-firewall. I also tried this on vpn qube itself, thinking maybe vpn- firewall was blocking it with no luck. Internet works fine through vpn-firewall.
I am using all Debian machines, I screwed up and connected my Fedora 32 template to the internet on accident and saw the symbol in the qubes manager that changes were made to the template, I had no idea what was changed since I did nothing so I treated it as compromised and switched everything to Debian. I proceeded to screw up again forgetting that a proxy is used for updates and connected my debian template to the internet, and saw this changes made symbol again even though I did not update. Once I fix this I will delete and reinstall my templates, since having had out of date templates connected to the internet makes me feel uneasy.