Allow VPN to windows 2000 server ?

[Hamish Kibblewhite]

Hi,
        I have become involved with trying to secure the internet access at
my sons primary school.

The school has a linux gateway running debian which connects the school to
the internet.   (Kindly provided by an ISP - the founder of which has a
child at the school)

The schools other systems are cared for by a 3rd party provider.  And the
3rd party would like to be able to support the school Windows 2000 servers
via a VPN.  My questions are
- is this possible with iptables?
- can anyone point me to the "stuff" I need to know / read about.

I have already come up with a script that would tighten the internet
gateway with respect to forwarding / input / output and allowable internet
services.   However I don't know enough about VPN's and more importantly
don't have a windows 2000 server at home to test VPN's throught a linux
gateway with iptables with.  So I need to get the lists help to find out
what has to happen...

I wish to be able to deliver the script to the ISP as an almost 'fait
accompli' - the easier I make it for them, the more likely it is to happen.

regards,
Hamish Kibblewhite