Start by reading the wiki: https://en.wikipedia.org/wiki/Virtual_private_network
Summary:
VPNs can be either remote-access (connecting a computer to a network) or site-to-site (connecting two networks).
VPN systems may be classified by: the tunneling protocol used to tunnel the traffic
the tunnel's termination point location, e.g., on the customer edge or network-provider edge
the type of topology of connections, such as site-to-site or network-to-network
the levels of security provided
the OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network connectivity
the number of simultaneous connections.
Types:
Classification 1 (who provisions it):
customer provisioned VPN
provider provisioned VPN
C / CE / PE / P (customer device / customer edge / provider edge / provider core device)
Classification 2 (topology):
remote-access
site-to-site
The VPN security model provides:
1. Confidentiality: traffic is encrypted in transit
2. Endpoint (sender) authentication
User-created remote-access VPNs may use passwords, biometrics, two-factor authentication or other cryptographic methods.
Network-to-network tunnels often use passwords or digital certificates.
They permanently store the key to allow the tunnel to establish automatically, without intervention from the administrator.
3. Message integrity: tampering with transmitted messages is detected.
VPN protocols:
1. IPsec
2. SSL/TLS
3. DTLS
4. MPPE
5. SSTP
6. MPVPN
7. SSH VPN
Other:
hub-and-spoke topology:
http://support.huawei.com/hedex/pages/EDOC1000032882DZC11191/03/EDOC1000032882DZC11191/03/resources/help/SemiXML(esight_V2R3C10_cd)/hlp/mplsvpn/itec_help_mplsvpn0036.html
What is IPsec:
https://zh.wikipedia.org/wiki/IPsec
strongSwan: an implementation of IPsec
https://www.strongswan.org/
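As an added example (not from the Wikipedia article and not from the strongSwan project's own documentation), here is a site-to-site IPsec tunnel in strongSwan's swanctl.conf format. It ties the "security model" items above to concrete settings: endpoint authentication with X.509 certificates (the pre-shared-key variant is shown commented out), AEAD encryption plus integrity for the ESP tunnel, and a permanently stored credential so the tunnel comes up without an administrator, as described for network-to-network tunnels. All addresses, identities, subnets and file names are hypothetical.

```conf
# Site-to-site IKEv2/IPsec tunnel, site A gateway side.
# Example configuration written for this note; not copied from strongSwan docs.
# Drop it into /etc/swanctl/conf.d/ and run: swanctl --load-all
# Hypothetical values: 203.0.113.1 (site A), 198.51.100.1 (site B),
# 10.1.0.0/16 and 10.2.0.0/16 (the two private networks).

connections {
    siteA-siteB {
        version = 2                          # IKEv2 only
        local_addrs  = 203.0.113.1
        remote_addrs = 198.51.100.1

        # IKE SA: AES-256-CBC, HMAC-SHA256 integrity/PRF, X25519 key exchange
        proposals = aes256-sha256-x25519

        # Endpoint authentication with certificates.
        # siteA.pem lives in /etc/swanctl/x509/, its private key in
        # /etc/swanctl/private/ (loaded automatically, no passphrase prompt),
        # which is what lets the tunnel establish with no admin interaction.
        local {
            auth  = pubkey
            certs = siteA.pem
            id    = siteA.example.org
        }
        remote {
            auth    = pubkey
            id      = siteB.example.org      # must match the peer certificate
            cacerts = ca.pem                 # /etc/swanctl/x509ca/ca.pem
        }

        # Pre-shared-key variant ("password" authentication): replace both
        # auth = pubkey lines with auth = psk and add the secrets block below.
        # The key then sits in clear text on both gateways and cannot be
        # revoked for one peer the way a certificate can.

        children {
            net-net {
                local_ts  = 10.1.0.0/16
                remote_ts = 10.2.0.0/16
                # ESP: AES-256-GCM gives confidentiality and integrity in one
                # primitive; x25519 adds perfect forward secrecy on rekey.
                esp_proposals = aes256gcm16-x25519
                start_action  = start        # bring the tunnel up at load time
                dpd_action    = restart      # re-establish if the peer goes silent
            }
        }
        dpd_delay = 30s
    }
}

# Only needed for the PSK variant above.
# secrets {
#     ike-siteB {
#         id     = siteB.example.org
#         secret = "replace-with-a-long-random-psk"
#     }
# }
```

After loading, `swanctl --list-sas` should show one IKE_SA named siteA-siteB with an ESTABLISHED state and one CHILD_SA net-net carrying the two subnets; if the IKE_SA is missing, `swanctl --list-conns` and the charon log will tell you whether the failure is address reachability, a proposal mismatch, or an identity/certificate mismatch. The site B gateway needs the mirror image of this file (addresses, identities and traffic selectors swapped).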