VPN
Configuring Teleworker VPN Client
Cisco ISA500 Series Integrated Security Appliances Administration Guide 365
8
Benefits of the Teleworker VPN Client Feature
• Allows dynamic configuration of end-user policy, requiring less manual
configuration by end users and field technicians, thus reducing errors and
further service calls.
• Allows the provider to change equipment and network configurations as
needed, with little or no reconfiguration of the end-user equipment.
• Provides for centralized security policy management.
• Enables large-scale deployments with rapid user provisioning.
• Eliminates the need for end users to purchase and configure external VPN
devices.
• Eliminates the need for end users to install and configure Cisco VPN Client
software on their PCs.
• Offloads the creation and maintenance of the VPN connections from the PC
to the router.
• Reduces interoperability problems between the different PC-based
software VPN clients, external hardware-based VPN solutions, and other
VPN applications.
• Sets up a single IPsec tunnel regardless of the number of multiple subnets
that are supported and the size of the split-include list.
Modes of Operation
The Teleworker VPN Client feature sets the security appliance as a Cisco VPN
hardware client. The Cisco VPN hardware client supports two operation modes:
Client Mode or Network Extension Mode (NEM). The operation mode determines
whether the inside hosts relative to the Cisco VPN hardware client are accessible
from the corporate network over the VPN tunnel. Specifying the operation mode is
mandatory before making a connection because the Cisco VPN hardware client
does not have a default mode.
All modes of operation also optionally support split tunneling, which allows secure
access to corporate resources through the VPN tunnel while also allowing Internet
access through a connection to an Internet Service Provider (ISP) or another
service—thereby eliminating the corporate network from the path for web access.
Refer to the following topics:
• Client Mode, page 366