HI All,
i deployed a IPSEC VPN in a specific routing instance. The interface tunnel (st0.x) are deployed in a routing instance A, and the user segment that need to use this IPSEC tunnel, are associated with the default instance (inet.0). After the VPN is established, the SRX has installed a route 10.0.0.0/8 in ther instance A, but the user can´t access all 10.0.0.0/8 due some address conflict.
So, i applied a firewall filter with specific destination that need to be routed to instance A. This is working fine. However, i´m afraid with the cpu consumption. What is most recommended?
1- Use firewall filter;
2-apply specific static routes using "next-table INST-A";
Thanks,
João Victor