I am not for sure how familiar you are with SBS08, but it has a feature called RWW (Remote Web Workplace) if you just open up the ports on your cisco device it already has a built in vpn within RWW. You access it on the WAN side by
https://remote.yourdomain.com Once at this site you login and it will allow you to access Sharepoint (Intranet), RDP to the clients on your network and access OWA(Webmail). You can control who can access what machine externally via the SBS console. The following ports need opened:
Port 25 SMTP (Outgoing Exchange e-mail)
Port 80 HTTP (NOT needed normally)
Port 443 HTTPS (RWW, OWA, remote desktop or Terminal Server sessions)
Port 987 External secure Companyweb access
Port 1723
Port 80 only needs opened if your not using SSL. I do reccommend using SSL.