First create a VPN tunnel between to 2 ISA perimeter firewalls (as I remember the ISA 2000 VPN wizard does this the wrong way araound – I have pointed this out on ISASERVER.ORG, but the “experts” denied it).
Next you need to consider DNS. Create secondary zones in the opposite forest, so every DNS server contains it’s own forest + the opposite forest (if you upgrade to W2003 DNS you can use conditional forwarding instead).
Then create the 2-way trust between the 2 domains (as you’re using VPN tunnel – you do not need to configure additional access rules in the firewalls).
Permissions for the opposite domain needs to be set on the “resource”
Things to look out for for this to work: basically this comes down to bandwidth. You’ll need at the very least a dedicated 2 Mbps line (both downstream and upstream) if people are going to work just a little across the line (opening/saving files etc – also consider mirrored copies on both sides). If possible use Terminal Server Access when accessing resources across the line.
In the end consolidate the 2 domains into 1 and consider using MPLS network between the 2 locations. Remember that VPN creates overhead on the line.