If a Tor entry guard is running on the same server (same IP) as the VPN server (same IP), and if VPN breaks down, Tor may connect directly to the VPN if it happened to choose that Tor relay (same IP) as entry guard. This is not that unlikely, because a lot VPN providers support VPN port forwarding, use public IPs and people host Tor servers behind VPN's.
A partial solution for this to set the VPN VM's firewall rules to allow connections only to the VPN server. Specifying destination port in that firewall rule should help a lot. Some cases will not be solved (like VPN running on 443).
A full solution is to allow only user tunnel to connect to the open internet. All other users not.
(Similar to T460.)
- improve above issue description
- check if bitmask is affected