EDIT

  @btx 

so setting the lan interface does set the DNS server.. BUT if you set it locally on any machine to googles it'll just bypass it, the solution I found for that was involving permitting and denying access to everything but port 53 to force it through the DNS that is set on the lan interface, but I can't seem to understand how that works, if policy groups need to be setup, how to actually do that etc... Again the videos I've seen are setting up for full business settings where they have many many groups, I'm really only working for a local home network where I want to control the flow of traffic through a specific DNS

EDIT

  @Cmang 

you can block incoming VPN traffic by forwarding VPN ports to a non existant IP address.

TCP 1723 for PPTP

UDP 500, 4500 and 7101 for LT2P and IPSec

Others listed with a simple google.

I believe you can block Outgoing VPNs by turning off the respective ALGs

You can set any public DNS server as the DNS address for DHCP LAN clients in the LAN configs (and also in the WAN config)

  @GRL 

So with the public DNS set in both wan and lan, IF I change a dns on my network card to googles, 8.8.8.8 it'll bypass the DNS i've set on the LAN/WAN, this was more what I was wondering about with... if there is a way to force a public DNS through the router so that it doesn't matter if a computer on the network changes its own DNS. Thank you for the information about the VPN information too, I appreciate it a ton!

EDIT

  @btx 

my original post didnt include the 2nd half of it so i updated.  you can block PPTP and L2TP / IPSec client-on-LAN vpns by disabling their respective ALGs on the router, but i dont think you can block OpenVPN. 

Disabling the ALGs effectively blocks any outgoing VPN connections through the NAT of the router

EDIT