I've been pouring over a lot of documentation but I think I have a tricky one here.
I have my main branch router (3825) and two remote routers (2821's). They are connected through leased lines that do not touch the internet. For various security reasons I have to ensure that the traffic from the remote's are encrypted in a VPN tunnel even though it is still part of a private network.
I have went ahead and created the tunnels and I can verify that they are up. I have applied the cryptomap to the correct interfaces, etc.,.
So the question is - How do I ensure that traffic is not just being router out of the interface from the remote sites back to the branch router with or without using the VPN tunnel? I've taken down the tunnels and of course, the traffic is still being passed back and fourth.