You would need to forward the port to the internal IP (10.0.0.5) of your VPN server.
The device hosting the Pi-hole and the VPN has instructions (set by the installation setup process) to route/mask between the LAN range and VPN range automatically.
You also need to set up Pi-hole to listen to all, under the DNS tab on the /admin/ interface.
We need to instruct Pi-hole to respond to tun0 (virtual interface for the VPN) requests.
That should do it.
Make sure that the port forwarding rule port, matches the one that the clients connect to.
I’d select/configure a higher port though. 194, could conflict with other stuff ...