we have a microsoft network, with server 2000 and 2003 servers. We also use windows xp for desktops.
We have a few users who work remotely. the way we enable this currently is
to enable routing access in server 2000.
grant dial in access to the user
redirect vpn protocols to the correct server.
also we the user uses remote desktop to connect to their office pc.
at current this works perfectly and all users are happy.
also it costs us nothing.
if we wanted to increase security without spending a fortune which would be a better way of increasing security for vpn users
i have a had a look at secureid and dedicated hardware firewalls to ena;b evpn, eg sonicwall.