Types of VPN access:
Site-to-site VPNs and Remote-access VPNs
Site-to-site VPNs connect entire networks to each other, this means, site-to-site VPN can be used to connect a branch or remote office network to a company headquarters network. Each site is equipped with a VPN gateway, such as a router, firewall, VPN concentrator, or security appliance.
In the figure below, a remote branch office uses a site-to-site-VPN to connect with the corporate head office.
A telecommuter hosts send and receive TCP/IP traffic through a VPN gateway, which could a router or a PIX firewall appliance.
The VPN gateway is responsible for encapsulating and encrypting all outbound traffic from a particular site and sending it through a VPN tunnel over the Internet to a peer VPN gateway at the target site. On receipt, the peer VPN gateway strips the headers, decrypts the content, and relays the packet toward the target host inside its private network.