Not sure where are you in the process of studying the stuff. Let me explain this as follows.
Peers A and B want to create a VPN tunnel between each other. Each peer generates a pair of keys: public_A/private_A; public_B/private_B. Then they send public keys to each other. Private keys are kept in secret:
A B
public_A --------->
<----------- public_B
Then, using its own private key and public key received from peer, each peer calculates a session key. Due to math used, that key is the same for both peers, and it never passes through the medium (e.g. Internet). This is basically how a DH exchange works. And this is used when VPN (IKE) tunnel is set up.
Then, for securing the traffic in a tunnel, derivatives of the (symmetric) session key are used.
The challenge here is to not confuse the following:
1) public/private keys used during DH exchange (asymmetric)
2) session key, generated from them (symmetric)
3) pre-shared key (symmetric) used for authenticating the peer (if certs are not used)
I hope this info helps, together with what you can find on Wikipedia and other resources.