Why a VPN?
1) You don't want anyone else having access to your application server. With SSL, you expose your server to the Internet. Anyone can take a crack at it.
2) You would like to do other things on your network securely, such as using RemoteDesktop, drive mapping, etc.
Why SSL?
1) Easier to configure (already mentioned).
2) You want others to have access to your application without giving them full access to your network (via VPN).
VPN Cons?
1) Unless you know how to just add VPN client services to your client application, you will most likely use a devices build in VPN client to connect to your VPN at home. From then on, all traffic is routed to your home network and any application can suddenly have access to your home network (even background apps). Of course this stops once you disconnect from the VPN. Every time you want to use your app, you have to fire up the VPN.
2) You need VPN hardware/software at your home. If your router does not have a VPN server build in, then you either
a) Replace your router
b) Set up a VPN server (and use your router's VPN passthrough functionality to pass all VPN traffic to this server).
3) Can be very complicated to set up/get running. Hopefully it works with the VPN client on your device(s).
4) VPN can be sporadic. Sometimes it will not let you connect. The VPN Server crashes randomly. The traffic is too much and you get kicked off. And on and on and on.
5) If your VPN gets hacked, everything on your network is exposed.
SSL Cons?
1) For each service that you want to expose, you'll have to set up SSL. With VPN, once set up, you can just access anything on your network.
2) You are exposing your services to the internet.
If you need #2 under "Why a VPN?", then that functionality alone offsets all the "VPN Cons". If you just want to expose a single server, then SSL (and firewalling the server) is the way to go.
