The choice of distribution is really a personal one. Security is not a product, but a process. The decision of which Linux distribution to use is not a decision that depends solely on the quality of a vendor's boxed Linux distribution with respect to its VPN capabilities. It also depends on how the system administrators, who are the ones that will need to work with the security product, will interact with that product.
If you install a highly secure Linux distribution that your system administrators do not understand, then your VPN server will likely not be maintained very well. As a result, your once highly secure VPN gateway will acquire security holes. It is important to pick a distribution that the system administrators who will need to maintain it are comfortable with. If that distribution does not support IPsec, you can still add it by building your own Linux kernel and by building Openswan from source code.
If you are completely new to Linux, pick a more popular...