New network and Server configuration

Hi all, I'm new here and glad to be a part of the forum.

Your advice is needed regarding some things and I will try to explain myself as best as I can for my knowledge in that area.

First, I need to build from scratch a new small office network.
I’m going to install a new 2008r2 server, create a new domain controller and create users.
I will need a VPN server, I thought of using the built-in windows server’s VPN ability but I read it’s very un-secured and recommended of using OpenVPN. I hope it’s easy to install and configure it, I’ve never done this before. Maybe someone can confirm or recommend something else?
As for firewall, does the built-in windows server firewall is enough? Will someone recommend using a different firewall but something not expensive? Maybe even with VPN? Is there something like this available?
Now, besides that, there is a specific need for hardening 2-3 computers to connect to a remote network.
These computers needs only one thing – RDP to a remote computer. That’s it. No internet access, no USB keys, nothing. I thought of creating a policy which will block by windows firewall every connection besides RDP and also will block USB keys and etc., but if one will connect with RDP and can share local resources, he will be able to copy stuff to his computer from the remote one – something I’d like to prevent.
On the remote network, I will have Cisco firewall and VPN, I don’t know the model. Anyone knows if Cisco’s firewall have the ability to allow specific computers to connect to specific servers and other computers only to other specific servers?
I apologize for the length and for my English (it’s far from being my native languge).
I will much appreciate any effort of help in any way.

Thank you all and enjoy your weekend.