I really cannot answer that, I’m not deep enough in that part of IPSec VPN.
This topic could help you better
However… without traffic, the connection do not bother that much for traffic and/or CPU overhead. Tunnel could be built 24/7. And with firewall rules, only the two servers could be aware of each other.
Also…
In IPsec usually there are an initiatior and a responder. If you’re looking for have better security of work side, I’d configure the initiator on the home side.