After the Genius Bar guys at our Hamburg Apple Store had given up on this issue, I finally solved the problem - my VPN is up and running!
After re-installing both OS X Lion and Lion Server several times I realized that certain settings (apparently also for the VPN server) are kept in the invisble recovery partition that Lion installed on my Mac Mini (e.g., 'com.apple.RemoteAccessServers.plist'). They even survived a reformatting of the hard drive. Something must have gone wrong the first time I tried to set up the VPN server and the "sudo serveradmin settings vpn" command revealed that the settings survived every re-installation.
Therefore, I physically removed the hard drive and formatted it using a different Mac running Snow Leopard.
It is important not only to erase the disk but also to partition it. This might even work under Lion without having to remove the drive...
After another re-installation of OS X Lion on the clean drive over the Internet from Apple's server (pressing the command-R keys while rebooting) I did a system update and subsequently installed the Server app.
After that I was able to start the VPN server from the Server app.
Inside my local network it was then possible to connect to the VPN server from an iPad 2 (iOS 4.3.5) and from an old Powerbook G4 (Leopard), but not from a MacBook Pro with Snow Leopard.
However, all clients were able to make an external connection through my Deutsche Telekom Router (SpeedPort 722V) with forwarding of ports 1701 (UDP), 500 (UDP) and 4500 (UDP) and enabled GRE and ESP protocols.
For the sake of security I have disabled (closed) all arbitrary ports of the server's own firewall while it's local network ports (192.168.x.y) are all open to enable any internal connections.
It is a serious restriction, however, that the Lion Server only offers the L2TP VPN protocol. Maybe the commercial iVPN solution is an acceptable workaround: http://macserve.org.uk/.
Regards, Björn