I found an very Interesting Hardening Concept on Github: GitHub - tasket/Qubes-vpn-support: VPN configuration in Qubes OS
The guide is outdated but I am not able to upgrade it to 4.2, has anyone the time and will to make a working version for 4.2 or any suggestions on how to?
I planned to use the Wireguard Protocol.
Thanks in Advance
Welcome here!
Try that 
Thanks for the quick anwser
I have seen and tried that guide it works very good!
The key difference in the guide I send is that it configures a proxy gate for the VPN- configured wich blocks all possible leaks etc. ,like the sys-whonix for the whonix-workstation.
This would add a strong anti leak protection and also act as an additional firewall before the VPN-Qube. Not requiring additional firewalls.
This is my Understandig of the guide please correct me if I am wrong, thanks.
If you just allow the vpn’s ip in the firewall rules, i don’t see where you could have leaks.
Perhaps someone could confirm it? @solene the writer?
Yes, using the qubes firewall to block everything except the endpoint host + port would guarantee there is no leak.