Configuring Teleworker VPN Client

The Teleworker VPN Client feature minimizes the configuration requirements at remote locations by allowing the security appliance to work as a Cisco VPN hardware client that receives its security policies over the VPN tunnel from a remote IPsec VPN server.

After the IPsec VPN server has been configured, a VPN connection can be created with minimal configuration on the Teleworker VPN client. When the Teleworker VPN client initiates the VPN connection, the IPsec VPN server pushes the IPsec policies to the Teleworker VPN client and creates the corresponding VPN tunnel. This solution is ideal for remote offices with little IT support or for large Customer Premises Equipment (CPE) deployments where it is impractical to configure multiple remote devices individually.

Figure 8-4 IPsec Remote Access with an IPsec VPN Server

 

Note: When the security appliance is acting as a Cisco VPN hardware client, the following IKE policy and transform set are used by default. The IKE policy and transform set used on the security appliance cannot be configured.

Field            Setting

IKE Policy       Encryption = ESP_AES_256
                 Hash = SHA
                 Authentication = Pre-shared Key
                 D-H Group = Group 2

Transform Set    Integrity = SHA
                 Encryption = ESP_AES_256
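
Because the client's IKE policy is fixed, the IPsec VPN server must hold an IKE policy that matches it on all four attributes, or the negotiation cannot complete. The following Python check is an added example, not part of the Cisco documentation: it audits a list of server IKE policies against the fixed client values in the table above. The policy layout, the alias spellings, the reading of "SHA" as SHA-1, and all function names are assumptions, and the server policies are constructed sample data.

```python
# Added example: helper names and all server policy data are hypothetical.

# Fixed IKE policy of the hardware client, taken from the table above.
CLIENT_IKE = {"encryption": "aes-256", "hash": "sha",
              "auth": "pre-shared-key", "dh_group": 2}

# Assumed spellings that different headends use for the same values.
ALIASES = {
    "encryption": {"esp_aes_256": "aes-256", "aes256": "aes-256", "aes 256": "aes-256"},
    "hash": {"sha1": "sha", "sha-1": "sha"},  # assumes "SHA" in the table means SHA-1
    "auth": {"pre-share": "pre-shared-key", "psk": "pre-shared-key",
             "pre-shared key": "pre-shared-key"},
    "dh_group": {"group 2": 2, "group2": 2, "modp1024": 2},
}

def normalize(policy):
    """Lower-case each value and map known aliases to one canonical form."""
    out = {}
    for field, value in policy.items():
        key = str(value).strip().lower()
        canon = ALIASES.get(field, {}).get(key, key)
        if field == "dh_group" and str(canon).isdigit():
            canon = int(canon)
        out[field] = canon
    return out

def mismatches(server_policy):
    """Return {field: (server_value, client_value)} for each differing attribute."""
    norm = normalize(server_policy)
    return {f: (norm.get(f), want)
            for f, want in CLIENT_IKE.items() if norm.get(f) != want}

def audit(server_policies):
    """Return (priority of first fully matching policy or None, per-policy report)."""
    report = {prio: mismatches(server_policies[prio]) for prio in sorted(server_policies)}
    match = next((prio for prio, diff in report.items() if not diff), None)
    return match, report

# Constructed headend IKE policies, keyed by priority (lower is tried first).
SERVER_POLICIES = {
    10: {"encryption": "AES256", "hash": "SHA2-256", "auth": "pre-share", "dh_group": 14},
    20: {"encryption": "AES256", "hash": "SHA1", "auth": "rsa-sig", "dh_group": 2},
    30: {"encryption": "ESP_AES_256", "hash": "SHA", "auth": "Pre-shared Key", "dh_group": "Group 2"},
}

if __name__ == "__main__":
    matched, report = audit(SERVER_POLICIES)
    print("matching policy:", matched)
    for prio, diff in report.items():
        print(prio, "OK" if not diff else diff)
```

If `audit` returns `None` for the matching policy, the report shows which attribute of each server policy would have to change before the hardware client can establish a tunnel.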

This section describes how to configure the Teleworker VPN Client feature. Refer to the following topics:

 • Required IPsec VPN Servers

 • Benefits of the Teleworker VPN Client Feature

 • Modes of Operation

 • General Teleworker VPN Client Settings

 • Configuring Teleworker VPN Client Group Policies