Hello VPN experts, with the VPN SPA for 6500 we are implementing what happens with unencrypted traffic to the outside between IVRF and FVRF?
In our design the IPSEC tunnel terminates on FVRF. Then the SPA sits in the FVRF and IVRF sandwich; encrypted traffic is being sent to the SPA, gets decrypted and then sent to IVRF for routing into inside networks. Process is reversed for outgoing traffic. If we are to send unencrypted traffic to the outside - how can it bypass the SPA?