The authentication credentials are generally encrypted before being passed.
Some VPNs like OpenVPN can also be set up to use keys manually installed at both ends to encrypt. And you can pass all traffic, not just private subnet traffic through them.
They of course won’t encrypt plaintext traffic between the endpoint server and the Internet at large, but they’ll protect all traffic between the device and endpoint.
Perfect for preventing casual snooping on insecure hotel networks, for example.
Using VPNs to access servers or printers on a private subnet is just scratching the surface of the capabilities of the technology.
