How to set up a Mac Mini Server for VPN using server.app

Hello all,


I have browsed the internet for the past few days trying to find an answer to my question - unable to have any luck so far. Most likely because my knowledge lacks in this department.


I have a Mac Mini server set up that I have successfully configured to be a VPN. A few details which may indeed be my problem but I am here looking for assistance.


1) The VPN is set up and I am able to connect ONLY locally - that is within my network.

2) I do not have a static IP for my server set up (I don't believe so anyways...)

3) I am using a Time Capsule as my router

4) I can only connect to the VPN using the local IP provided by the Time Capsule (i.e., 10.0.x.x)


So, with this problem in mind - does anybody have some recommended reading or any assistance they can provide? My ultimate goal is to be able to remote access the files on this server.


Thanks!

Posted on Apr 1, 2013 12:38 PM

1 reply

Apr 1, 2013 4:26 PM in response to PatG9234

You're off to a good start, assuming you can truly connect to your server within your private network.


To get VPN working over a public network, you'll need to do the following:


1. Change your server from an automatically acquired IP address from DHCP, to a manual one. In one of the steps below, you will forward VPN ports from your router at the firewall to your server's private IP address. If your server's address gets changed by your DHCP server, then the forwarding won't work. You can take the automatically assigned address it has now, and convert it to a manual one, keeping the same address.

1a. At your DHCP server (Time Capsule, for you), configure it to reserve the IP address that is assigned to your server, so it can't dynamically assign some other device to that address by accident.


2. At your router/firewall (Time Capsule for you), manually forward the ports used for VPN services to the internal IP address of your server. I think Apple's AirPort config utility makes this pretty self-explanatory.


3. If you suspect there's any chance that your external IP address changes occasionally (many ISPs do this), then sign up for a service like DYN-DNS (free). Once you have an account with them, you run the DYNDNS daemon on your server. It will ascertain the external IP address of your network, and forward this info to the DYNDNS server. When you try to connect to <youraccountname>.dyndns.org, it will automatically redirect you to the public IP address of your server.


Once you do step 2 above, the public will begin probing your server. It's remarkable how quickly it begins. Use good passwords on your server. Use a good shared secret for VPN. Don't turn on any server services (ex., SSH) that aren't absolutely essential, and if you do, make sure they have good passwords, and use RSA certificates for them if possible (turning off SSH password access completely).
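
The reply above recommends turning off SSH password access completely. As an added example that is not part of the original reply, this shell script audits an sshd_config file for that setting; the function names and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check that an sshd_config really
# disables password logins. sshd keeps the FIRST value it reads for a keyword,
# so a "no" placed after an earlier "yes" has no effect.
# Limits: global section only (stops at the first Match block) and Include is
# not followed; on the server itself, `sshd -T` prints the effective config.

sshd_effective() {   # $1 = file, $2 = keyword alternation (lowercase), $3 = default
    awk -v want="$2" -v def="$3" '
        { sub(/#.*/, ""); sub(/=/, " ") }      # drop comments, allow key=value
        NF == 0 { next }
        { key = tolower($1) }
        key == "match" { exit }                 # conditional blocks are out of scope
        key ~ ("^(" want ")$") { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

audit_sshd_config() {   # returns 0 only if logins are key-only
    rc=0
    pw=$(sshd_effective "$1" 'passwordauthentication' yes)
    # Two names for one option; with UsePAM yes this path also asks for passwords.
    kbd=$(sshd_effective "$1" 'kbdinteractiveauthentication|challengeresponseauthentication' yes)
    pk=$(sshd_effective "$1" 'pubkeyauthentication' yes)
    [ "$pw" = no ]  || { echo "FAIL: PasswordAuthentication $pw"; rc=1; }
    [ "$kbd" = no ] || { echo "FAIL: keyboard-interactive authentication $kbd"; rc=1; }
    [ "$pk" = yes ] || { echo "FAIL: PubkeyAuthentication $pk"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: key-only SSH logins"; fi
    return "$rc"
}

# Constructed sample configs (not taken from any real server).
sample_shadowed() { printf '%s\n' '# looks hardened, but the first value wins' \
    'PasswordAuthentication yes' 'ChallengeResponseAuthentication no' \
    'PasswordAuthentication no'; }
sample_pw_only() { printf '%s\n' 'PasswordAuthentication no'; }
sample_hardened() { printf '%s\n' 'PubkeyAuthentication yes' \
    'PasswordAuthentication no' 'ChallengeResponseAuthentication no'; }

for s in sample_shadowed sample_pw_only sample_hardened; do
    f=$(mktemp); "$s" > "$f"
    echo "== $s"; audit_sshd_config "$f" || true
    rm -f "$f"
done
```
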
