VIA is a VPN service for clients and requires a license to enable it on the controller.
Basic site to site VPNs can be built on the controller without this license.
The only time you need PEFV is if you want to use the VIA client on your end user devices or if you want to customize the VPN tunnel firewall policy for site to site.
If your clients are terminating to a 3rd party VPN concentrator, this is just standard user traffic traversing the controller. Nothing is needed on the Aruba side.