Every VPN has two endpoints. The first endpoint is the local machine itself and the second endpoint is the "remote peer" (the machine you are either trying to establish a VPN to, or the machine who is trying to establish a VPN to us).
The two endpoints are represented as security gateways. A "Local Security Gateway" describes a local interface on your machine (its IP address, its default gateway, maybe it's certificate, etc.).
A "Remote Security Gateway" describes a peer to which you wish establish a VPN with. Much like a Local Security Gateway you set things like the peer's IP address and certificate.
A very important thing to keep in mind is orentation. Below is an example. The Local and Remote Security Gateways would be on Machine 1:
The two security gateways are 192.168.1.200 and 192.168.2.200 and the VPN in the above example bridges the two subnets 10.10.10.0/24 and 10.10.20.0/24.