If the systems are on a local network, vpn is pointless. All it does is tunnel local data thru the internet (or any other network) so it appears to be local.
If you want to use a dc for it, at minimum the system hosting shares needs to be member of that domain.
Unless both are members, one has to access the root of the share and wait for a password prompt before the contents can be accessed (ie you can't just make a link to a program on the share and doubleclick it, unless you've already visited the share : rpc limitation in windows). When prompted for the password, the username has to contain the domain. Either expressed as domain\username or username@domain
If you run windows 7 on both computers and they are not part of a domain, you can just add them both to the same homegroup, and share whatever you want using the built in guide. Much simpler, but limited to win7 and standalone systems
You can also share items on a computer without needing a domain controller. But since windows xp you can't access shares using a user with blank passwords. Other limitations apply as well. They can all be fiddled with using secpol.msc, but doing so significantly lowers security levels. A properly configured firewall between your office mashines and the internet is crucial.
Also the firewalls on the systems need to allow filesharing, and in vista and up you need to specificly allow sharing on the types of network you have told the system you're using. Windows' built in firewall has standard rules for it that just need to be ticked.
In windows xp in some cases you ironicly need to turn off simple file sharing to even make it work. Sharing files contained in the documents and settings folder is not advicable, as new files are automaticly set to not be accessible by anyone else.
This means you'll get an access denied error on files created after the share was put in place, unless you go meddling with windows default security. Which again endangers the system as a whole. Don't do that.