Your question is a little unclear, but I'll give a broad overview. My apologies if this gets just a bit political, but I think its neccessary to explain properly.
A VPN works by encrypting all traffic between the VPN endpoints - thus A correctly set up VPN of OK quality should bypass all restrictions if it can make a connection to an endpoint on the other side of the government firewall. A correctly set up VPN should be detectable but not intercepted - which leaves the government the choice of allow the VPN without intercepting it or block all VPN's (with many governments choosing to allow VPNs because it can be a game of wack-a-mole to identify them, and they risk upsetting big businesses who may show their displeasure by pulling out the country and reducing jobs). It is possible to slow down VPN's if a government wants to do this, but generally slowdowns are a side-effect of the firewall rather then the goal.
There are a number of ways sites can be banned. The most common are -
Intercepting DNS and blocking domain names where sites host undesirable content. The advantage of this is it is relatively fast and light weight. The disadvantage (to the government) is they can't see the traffic being viewed and its fairly crude in its accuracy as it works at a domain level. Practically speaking it also requires the support of the ISP's in the country, and people with knowledge can circumvent this.
A government can cause ISP's - or can itself block IP addresses. This is quite hard to subvert (from an end user point of view), but is also crude as it works at an IP level. It can cause problems with sites behind reverse proxies, which is fairly common for large sites using Cloudflare and cloud providers. (ie if multiple sites share the same IP of a reverse proxy, all risk being banned).
A government can intercept all requests and allow/block these based on the request. This is fairly fine-grained and allows the government to look at context. It is also CPU intensive and likely causes slowdowns. The downside is that it doesn't "just work" on todays Internet because most traffic is end-to-end encrypted (eg https sites). The way governments would get around this limitation is by requiring all users of the Internet to add a government issued root certificate - this allows the government to "MITM" (man-in-the-middle) the connection - effectively pretending to be the site to the end user, and the end user to the site, and seeing all the traffic between the 2.
It is possible for governments to mix and match the above technologies. Its also likely that large players (ie Google) enter into agreements with governments [ in order to not be blocked ] and facilitate blocking for the government in return for being able to operate in the country. (These deals are typically kept secret, but every-so-often leak out - I do recall some years ago Google taking a stand against the Chinese Government by refusing to co-operate).
As an aside, even in "so called free" countries, the dirty secret is that governments require large ISP's to be able to divert traffic through systems the government controls, even having special standardised protocols for handling this. (In case you think I'm making this up, the New Zealand law - which is the jurisdiction im most familiar with - can be found at https://www.legislation.govt.nz/act/public/2013/0091/latest/DLM5178035.html and official commentary on equivalent legislation in AU can be found at https://www.homeaffairs.gov.au/about-us/our-portfolios/national-security/lawful-access-telecommunications/telecommunications-interception-and-surveillance )