How do I share a VPN connection to bridge sites? s2svpnadmin?
This is one of those "I strongly suspect there's a way to do this, if only I knew how" questions. Some help will be greatly appreciated.
[b]Can a Mac with two interfaces (airport/ethernet or ethernet/ethernet) log onto a VPN server with one interface [i]and then share it[/i] with the other to bridge two remote networks?[/b]
I've tried this by logging on to our VPN and then turning on Internet Sharing (from a regular Mac, not OS-X server), but it seems it isn't nearly that simple.
Our PPTP VPN server is hosted on our XServe (Server v10.4.10) at work. This and a second location are linked with standard (but fast) ADSL broadband. I can log in from both Mac and Windows VPN clients at the external location and indeed the experience is just like being at work: printers, file servers and other resources (e.g. networked Filemaker databases) are all visible. Yay.
Can I extend this concept further by logging onto our VPN with one interface (e.g. Airport) and then enabling Internet Sharing through the second interface (e.g. Ethernet)? Will this allow a small network connected through the second interface to all behave as though they are on the work network, with transparent access to fileservers, printers and so on, without each bothering individually with VPN logins and so on? Can a regular Mac with two NICs do the same job, acting as a router between the two networks?
I have seen various references to a command line utility called [b]s2svpnadmin[/b], but this seems only to work between two OS-X Servers. Ideally, I'd like a regular Mac to act as the router at the remote location. I don't know if s2svpnadmin is the solution (Apple's documentation suggests strongly it is), but does anyone know if it can be added to a regular Mac (10.4) client? Yes, I know I'll need to enable L2TP VPN as well as our current PPTP for it to work properly.
I might add that one implementation of any solution we are seeking will be to allow users to go home with their MacBooks, log onto their home DSL broadband via Airport, and then plug in the VOIP-capable handsets our new phone system came with to the ethernet jack. The vendors are offering us expensive "VPN boxes" to do this but I am banking on this as a software solution.
Thanks!