Can you have another client machine on the remote domain set up that you could use remote desktop to access it? I don't know enough about VPN or virtual machines to know if it's inherently more secure or not, but I would think you should be able to establish a secured connection from your local machine configured on your local domain and connect to the remote machine configured and connected to that domain. We use the remote web workplace built into SBS2003 for remote connections to desktop clients running at the office. Alternatively you should be able to set up port forwarding or somesuchthing with VPN to access the remote machine directly from the RDP client on your local machine (ie. remotemachineipaddress:3389). I think you might find performance is much better than VPN for larger files, etc. I used to VPN at work and it was painful working on even modestly sized spreadsheets, etc. vs. just remoting into an available machine for the same work. Just a thought!
I just don't see how that would work AT all.... If you RDP'd into a secure connection via VPN, you essentially are JOINING a domain. So how would that remote computer be able to join a different one then it's already assigned to? Not likely.
I think I've got him convinced that the easiest thing to do is just use LogMeIn to access local files and email. I installed it today and he's test driving it now. If he decides it won't work for his needs, I'll suggest the VM route.[
I'm confused. You asked for help. Everyone gave suggestions, and you chose another option that NONE of us suggested. Interesting.