To guarantee privacy for the organization, a VPN specifies that each IP datagram destined for private use of the organization must first be encrypted and then encapsulated in another datagram, as shown in the figure.
This is called tunnelling because the original datagram is hidden inside the outer datagram after exiting R1 and stays invisible until it reaches R2. It looks as if the original datagram has gone through a tunnel that spans R1 and R2.
As the figure shows, the entire IP datagram, which carries the actual source and destination address of the packet, is first encrypted. The outer datagram header carries the source and destination addresses of the two routers at the boundary of the private and public networks, as shown in the figure.
Figure: Addressing in a VPN
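The encrypt-then-encapsulate step described above, as an added example that is not part of the original text: R1 encrypts a whole inner datagram and wraps it in an outer header addressed R1 to R2, and R2 reverses it. The addresses, key, nonce framing and protocol number 253 are constructed assumptions, and the SHA-256 keystream is only a standard-library stand-in for a real VPN cipher.

```python
import hashlib, ipaddress, struct

def ipv4_header(src, dst, payload_len, proto=253):
    """Minimal 20-byte IPv4 header (no options; checksum left 0 for brevity).
    253 is a protocol number reserved for experimentation (assumption)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def addresses(datagram):
    """Return (source, destination) as read from an IPv4 header."""
    src, dst = struct.unpack("!4s4s", datagram[12:20])
    return str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst))

def keystream_xor(key, nonce, data):
    """Stand-in cipher: SHA-256 in counter mode, XORed with the data.
    Illustration only; it is not what a real VPN uses."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack("!I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def tunnel_encapsulate(inner, key, nonce, r1, r2):
    """At R1: encrypt the entire inner datagram, then add the outer header."""
    body = nonce + keystream_xor(key, nonce, inner)
    return ipv4_header(r1, r2, len(body)) + body

def tunnel_decapsulate(outer, key):
    """At R2: strip the outer header, decrypt, recover the original datagram."""
    body = outer[20:]
    return keystream_xor(key, body[:8], body[8:])

# Constructed sample values (private and documentation address ranges).
KEY, NONCE = b"k" * 32, b"\x00" * 7 + b"\x01"
HOST_A, HOST_B = "10.1.0.5", "10.2.0.9"      # stations inside the organization
R1, R2 = "192.0.2.1", "198.51.100.1"         # routers at the network boundary

payload = b"payroll record"
inner = ipv4_header(HOST_A, HOST_B, len(payload)) + payload
outer = tunnel_encapsulate(inner, KEY, NONCE, R1, R2)
recovered = tunnel_decapsulate(outer, KEY)

if __name__ == "__main__":
    print("seen on the public network:", addresses(outer))
    print("seen after R2 decrypts:    ", addresses(recovered))
```

An observer between R1 and R2 can read only the router addresses; the internal addresses and payload reappear once R2 decrypts the inner datagram.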