we have the same and use a token to generate the random numbers. I use vpnc and it works pretty well.... just the basic config worked and didnt require much of a work...