I am reading your guide and on last step (pt ... I am working to get the set-up TOR -> VPN. I'm configuring OpenVPN on Whonix Workstation and have it working on Whonix Workstation via OpenVPN. You mention here: <https://www.wilderssecurity.com/thre...gateway-with-any-vm-as-a-workstation.374072/> that OpenVPN needs 2 lines with socks-proxy. I never did that on Whonix Workstation and OpenVPN seems to work (whatismyip shows VPN exit). What is the functionality of those two lines? Am I missing something - what is /path/to/up? Are those 2 lines only for configuring non Whonix Workstation VMs? (like Ubuntu connecting to Whonix Gateway)? - While I have Whonix Workstation w/ OpenVPN working, I am also considering TOR -> VPN using Whonix Gateway or pfSense TOR install, which I do not know how to do. Can you elaborate on which method you think is best for anonymity / avoid browser fingerprinting? (Whonix Gateway -> Ubuntu, pfSense TOR -> Ubuntu, Whonix Gateway -> Whonix WS w/ OpenVPN) My concerns are: 1. Firewall Rules: I cannot get adrelanos' firewall script to work with Whonix/VPN. As soon as it is enabled with correctly configured IP, it blocks all access. It works perfectly on Ubuntu w/ OpenVPN. Also since Whonix makes checks on bootup, is it even a good idea to have firewall load on bootup too (assuming I can get it working)? OTOH with a pfSense TOR install, I think should be easy to attach Ubuntu VM via LAN and get adrelanos' firewall script up easily (or nest pfSense VPN VM). 2. Browser Fingerprinting - If I am use Whonix WS TOR Browser with OpenVPN - would I look very unique in terms of fingerprinting profiling? I go on site that and site will know that I am using TOR Browser + non TOR IP. Can an adversary see that I am using TOR browser? Panopticon EFF seems to show that I am Windows user (but 1 of 2000). But Adrelanos in old thread mention that TOR -> VPN would make fingerprint look suspicious bc not many TOR users add a VPN on top. I prefer Ubuntu VM instead of Whonix WS but have not figured out a way to connect Ubuntu VM to Whonix Gateway VM (or install TOR on pfSense VM). In above thread you mention you could provide instructions for installing TOR in pfSense - can you please elaborate? Suppose I get Whonix Gateway -> Ubuntu VM and I don't care about RAM. If I use Ubuntu's Firefox, my browser fingerprinting should then be more "common/anonymous" right (masked same as Ubuntu users)? Is this correct? But you also mention that I am less secure using Ubuntu Firefox instead of TOR Browser because TOR Browser has built-in privacy add-ons/patches? How much less secure would I be using Ubuntu Firefox instead of TOR Browser in this setup? Given firewall/browser fingerprinting concerns, which set-up would you recommend to be more anonymous? I know this is a lot so thank you so much for reading this and helping me! English is not my language so thank you!