A Virtual Private Network can be described as the ability to "tunnel" through the Internet or other public network in a manner that provides the same security and other features formerly only available on private networks. It allows a user working at home or on the road to connect to a remote corporate server using the bandwidth provided by the public network. VPN allows a corporation to connect with branch offices, or with other companies, while maintaining a secure PPTP connection.
From the user's perspective, the nature of the physical network being tunneled through is irrelevant because it appears as if the information is being sent over a dedicated private network.
From a more technical perspective, a VPN tunnel encapsulates data within IP packets to transport information that does not otherwise conform to Internet addressing standards. The result is that remote users become virtual nodes on the network into which they have tunneled.
A user on a Remote Access Service (RAS) client machine with a PPTP driver as its WAN driver will be able to access resources across the Internet on a remote LAN through a Windows NT RAS server, via tunneled and encrypted PPP packets. (RAS supports bulk data encryption using RSA RC4 and a 40 bit session key negotiated at PPP connect time between the RAS client and the Windows NT RAS server.)
A conceptual model of a VPN. Remote clients connecting to IP-, IPX- or NetBEUI-based corporate networks via the Internet.
The PPTP-based solution will also enable the Internet to become a backbone for carrying IPX as well as NetBEUI remote access traffic, so a solution is not tied to IP LANs only.