Just about as safe as any other connection you make across
the internet. Just realize that no security is fool
proof, and a person trying to break into your encrypted
packets will succeed no matter what, as long as they put
forth enough effort. They could do a brute force attack
on the encryption of your packets, and assuming time
wasn't an issue, they could eventually crack it.
So...assuming the above is true, it is your job to make
your RDP packets extremely difficult to break into. If
you use 128-bit encryption on those packets, it'll
probably take a would-be hacker years, if not decades, to
break into those packets. Using a VPN will make this time
even longer. The point is...how tough do you want it to
be for hackers to be able to break into your encrypted
packets?
-M