My customer would like to encrypt traffic across all our private P2P circuits. We have a hub-spoke topology with 50 spoke routers per one hub router. After some searches, I narrowed down to these options:
GET (Group Encryption Transport): This is exactly what we want except it only works on 12.4T. No go.
P2P IPsec over GRE: a pain to set it up with multiple P2P circuits on the hub router. No go.
DMVPN: easier to set it up than P2P IPsec over GRE. This might work.
Are there other options available for me to simply encrypt traffic without setting up tunnels? By the way, it has to be done from the current router, cannot purchase additional hardware.