No. It's an unreadable muddle. Try doing the diagram again, this time without tabs. My guess is you have TABS=4 spaces set, while most readers display 8 spaces. You might also want to fill in some of the missing numbers like make and model of existing equipment, number of users, approximate bandwidth, and type of internet connection (speed).
You also missed my point about where the VPN is going to be terminated. Are you going to terminate it at the: 1. Wireless access point 2. Added VPN gateway router between wireless and wired networks. 3. Existing unspecified model Cisco internet gateway router. 4. ISP if they provide the service. 5. Corporate firewall.
Since you want to use a VPN router as a gateway to your home LAN, you cannot use the existing unspecified model Cisco gateway to control access. All it currently does is control access to the internet. It assumes that a user already has access to your LAN. So, you need to add a VPN router between the insecure wireless network and your secure wired network. Note that you will have two networks. The wireless network that's assumed to be insecure, and the protected wired LAN. The purpose of a (vpn) router is to glue these two networks together.
How are you going to "allow" only pre-defined users to access your wireless access point and *THEN* use a VPN to get to your LAN? The VPN controls access to your wired LAN, not to the wireless WLAN.
Also, one minor problem. Let's pretend that an evil user gets onto your wireless network by cracking the WEP key but cannot get into your VPN. There's nothing to stop this evil user from either using your access point as their private game network repeater, or precipitateing a wireless denial of service attack. Actually, some access points have "client to client protection" features which will prevent the use as a client to client repeater. My point is that this evil user is already on your wireless network even if they did not successfully authenticate with the VPN router. Methinks it would be best to keep them off the access point in the first place. However, if you don't mind hosting a private game network with your access point, then adding a VPN router should be more than adequate security.