A method for providing peer-to-peer virtual private network (P2P-VPN) services over a network. The method includes identifying subnet and host addresses for each user device requesting participation in a virtual private network (VPN) session. Once the subnet and host addresses are identified, a virtual private host (VPH) is initiated for each user device, where each VPH communicates with each user device via a respective tunnel through the network, thereby enabling secure communications between the user devices.