Without getting into a discussion over the pros and cons of Tor, Tor over VPN, VPN over Tor, one of the things that I’m trying to do is set up 2 types of disposable qubes: one which would connect directly over Tor through the default sys-whonix qube by having sys-whonix connect through sys-firewall, and the second to connect to Tor over a vpn by having a sys-whonix clone connect to a vpn qube, that in turn then connects to sys-firewall.
I’ve tried just making a clone of sys-whonix and then a clone of the whonix-ws-16-dvm default qube, and setting the clones up as the “over vpn” option, and I’ve also tried cloning the ws vm, gw vm, sys-whonix vm, and the whonix-dvm appvm, and setting those clones up with the default disposable of each set to the clone and connecting sys-whonix-clone to the vpn vm and then sys-firewall.
Anything that I’ve tried ends up not quite working. I’ve tried each with all qubes shut down, to see which boot. Opening Tor browser in the default whonix-ws-16-dvm qube will launch sys-net, sys-firewall, sys-whonix, and then Tor browser in a disposable whonix-ws-16-dvm vm, just as the default setup does it.
When I attempt to launch Tor browser through my Tor-over-vpn clones is where I run into trouble. sys-net launches, then sysfirewall, then my vpn-vm, then sys-whonix-clone (this is the clone set to connect through the vpn vm first, rather than directly to sys-firewall). Then a disposable qube starts with my whonix-ws-16-dvm-clone vm. So far, so good. When the Tor browser launches though, the default sys-whonix vm is then launched as well. This leads me to believe that the disposable that is supposed to be connecting to Tor-over-vpn via sys-whonix-clone>vpn-vm>sys-firewall>sys-net is possibly instead acting as direct Tor via sys-whonix-clone>sys-firewall>sys-net.
Hopefully this makes sense as an explanation, and I’d welcome all help. My apologies if this is a topic already covered, but I couldn’t find a discussion that addressed this issue specifically.