Firewall protection for remote users
I'm assuming that what you mean by your question is that you want to provide firewall protection for your remote users. The way that is done is by using a VPN, as you suggested. Further, your remote users must always connect to your home network and never to the Internet directly. All requests for Internet service must come to the home network via the VPN and back to the Internet via the firewall. By configuring the remote users this way, they are protected the same as if they were directly connected on your home network. There are many companies that make VPN products that can be configured to work in this fashion.