I've been reading about these topics online but sometimes its just easier to ask questions here.

To start super basic:

What do most of you use port forwarding for? To log on to a specific device remotely on a customers system, yes?

You use VPN to log onto the customers entire network to view all the devices virtually.

Surveillance cameras.

This is my very basic understanding of Port Forwarding.
If you have a DVR that's on port 32789 and you're inside the house, all you have to do is type DVR's LAN IP (say 192.168.0.102) and you're connected. Remembering, that 192.168.0.102 is a specific address, only issued to the DVR therefore all the ports are direct link to between PC and that IP address.

If we try to do the same from outside, using WAN (The Internet), now we only have 1 IP address, which hits the router. The router does not know where to send the incoming traffic.

So we set port forwarding on the router's menu that tells it that anything that comes on port 32789 (as an example of ICR DVR), that it needs to be routed to 192.168.0.102).

I know nothing about VPN, other than once connected, it makes your PC 'appear' to be part of local network (LAN).
I am eager to learn more about it; as in what's needed on both sides of equation (outside of obvious VPN Router), setup, costs, licenses, etc.
Any links complete solution videos or write-ups on how to make VPN work would be greatly appreciated.

As a VPN starter here's a wikipedia quote: "A virtual private network (VPN) is a private network that interconnects remote (and often geographically separate) networks through primarily public communication infrastructures such as the Internet. VPNs provide security through tunneling protocols and security procedures [1] such as encryption."

The keys are:

use a public infrastructure (such as internet)
establish a "tunnel" between VPN endpoints to provide secure communications

Most basically, once this tunnel is established, picture the old "2 tin cans and a string". All VPN traffic goes from one can to the other through that string.

In my former life this is the example I used with customers. There are exceptions to this, but only with more complex implementations.

1. When a corporate employee at their desk in the office accesses any internet site, they must pass through the corporate firewall. The site access can be logged, restricted, etc. according to corporate guidelines. You might get the "ACCESS PROHIBITED BY COMPANY POLICY" screen. They are on a private company network accessing the internet through a centralized access point. They can also access any private company websites (technical, payroll, etc. ) and printers.

2. Same employee at home tries to access the same website and reaches it with no issues, restrictions, warnings. They do NOT pass through the company firewall and cannot access any private company websites.

Employee at home (or hotel) launches their VPN client software (often referred to as remote access) and logs in. They might have a security token with pin or other credentials to enter. Once they are authenticated, and try to access any internet site they must first pass through the corporate firewall. In fact they will look and function the same as scenario 1 above. The "tunnel" forces all their traffic back to the corporate site. If they look at the IP address of the PC it will not be the address from their internet provider, it will be private address from their corporation, similar to the pc located in the office.

A vpn connection requires 2 tunneling endpoints using the same protocols, security, etc. Most often at least 1 endpoint is an "appliance", either a router with VPN software or a specialized device that does VPN only. The second endpoint might be an appliance, but can be VPN software on a PC.

There are various VPN implementations, but I hope this helps give a basic understanding of what they do.

There are VPN primers on the web, but you might have to wade through lot of network-centric jargon and acronyms.

Here's a video on how to set up multiple types of VPN with Mikrotik:

[Link: gregsowell.com]

He has several very helpful Mikrotik videos. Good resource.