I'm afraid that I have next to no useful information on iPads what so ever (they are a complete waste of space), but I can still try to explain how VPNs work. I am going to attempt to explain this in a practical sense whilst still going into enough detail that you will be able to understand the theory too. If anyone spots something I got wrong, please tell me.
There is something called an SSH protocol, it's like a remote version of the terminal (linux version of the command line)
If you have ever used SSH, you are already half way there to using a VPN. The SSH protocol supports SSH tunneling (it's where you send packets of data through an SSH connection, in your case web traffic)
By using an SSH tunnel you are sending your traffic between your client and server in a form that a router / firewall cannot understand (it looks nothing like web traffic and the fact that it's all encrypted means even if it could tell what it was, it wouldn't be able to do a damn thing to it)
Imagine that you were to set up a linux box at your home and install PuTTY (an SSH client) onto your laptop / a USB stick
In PuTTY, navigate to Connection > SSH > Tunnels, set the Source port to anything you want (personally i use port 1337), set the destination to Dynamic, and click "Add". Next go session Category, type your server address into the Host Name box. NOTICE: The port number here is typically 22, unless you changed this on your server, leave that on 22, this number should NOT be the same as the one you set in the "Tunnels" tab. All you have to do after this is click Open / Start / what ever it is
Finally, open your browser of choice and set up a proxy in it to localhost (127.0.0.1) on the port you put in the "Tunnels" tab of PuTTY, in my case 1337. You are now successfully running all your internet traffic to and from your browser via your linux server in an encrypted form that any firewall / router will not be able to read
What you have just done is told your browser to run all it's network traffic into PuTTY which will encrypt it and send it off to your linux server which will send it onto the web, unaltered. The full step by stepp process can be seen below:
Without proxy:
1. Web browser (sends a request for a website, this connection has to pass through the networks router / firewall)
2. router / firewall (passes the connection onto the "internet", it's more complected that that but this will do fine for our understanding. The router may be programed to block the traffic if it is trying to access a website your network administrator does not want you to access)
3. Internet (where your desired website resides)
With a proxy:
1. Web browser
2. Proxied to localhost (this effectively runs your browser traffic back into your PC into PuTTY)
3. PuTTY sends it out (PuTTY packages the traffic into it's own fully encrypted packets and sends it on it's way)
4. router / firewall (has no idea what this encrypted traffic is, cannot decrypt it, most likely lets it pass freely)
5. Your linux server (decrypts the SSH traffic and retrieves the web browsers traffic)
6. Internet (The server sends out the traffic onto the web, as it was sent out from your PC)
Potential problems:
- The firewall may have blocked port 22 (if so change it to one that is not blocked)
- The firewall may not allow traffic that it can't read (Very unlikely, would block a lot of traffic and annoy a lot of people)
- The ip address of your server may be blocked (The firewall may not know what the traffic is but it does know whhere it's meant to go. If you IP address has been blacklisted, it will not deliver the packets)
Once again, I have ho idea how you would do this on a tablet (especially one made by apple), but I hope you now have a better understanding of networks and how data is transmitted through them