Provided is an apparatus and method for virtual private network (VPN) communication in a socket level that can be applied in an Internet Protocol version 4 (IPv4)/IPv6 complex network, and can process data in a socket level to make a VPN communication apparatus available in many applications requiring more security, as well as a web application. The apparatus includes: a VPN database for storing connection information of an internal device and an external device and security-related information associated with the connection information; a packet analyzing module for analyzing a packet received from the internal device or the external device, obtaining connection information of the device, and storing the obtained connection information in the VPN database; a key exchange engine for performing a key sharing process with the device, generating the security-related information associated with the connection information, and storing the generated security-related information in the VPN database; and a socket data processing engine for encoding or decoding data in the socket level based on the security-related information stored in the VPN database, wherein the data is transmitted to and received from the internal device or the external device.