I found an very Interesting Hardening Concept on Github: GitHub - tasket/Qubes-vpn-support: VPN configuration in Qubes OS
The guide is outdated but I am not able to upgrade it to 4.2, has anyone the time and will to make a working version for 4.2 or any suggestions on how to?
I planned to use the Wireguard Protocol.
Thanks in Advance
Welcome here!
Try that 
Thanks for the quick anwser
I have seen and tried that guide it works very good!
The key difference in the guide I send is that it configures a proxy gate for the VPN- configured wich blocks all possible leaks etc. ,like the sys-whonix for the whonix-workstation.
This would add a strong anti leak protection and also act as an additional firewall before the VPN-Qube. Not requiring additional firewalls.
This is my Understandig of the guide please correct me if I am wrong, thanks.
If you just allow the vpn’s ip in the firewall rules, i don’t see where you could have leaks.
Perhaps someone could confirm it? @solene the writer?
Yes, using the qubes firewall to block everything except the endpoint host + port would guarantee there is no leak.
I had similar leaks when using Firefox in a Whonix-based AppVM behind a VPN ProxyVM. Turns out WebRTC and some DNS settings were the culprits. Disabling WebRTC and using DNS over HTTPS helped a lot.
Also, I noticed more stable performance when I chose to buy residential proxies instead of sticking with datacenter ones - they’re less likely to trigger captcha loops or sudden disconnects.