We have implemented DMVPN on all our local office using static routes as the rule on which interesting traffic to use the tunnel.
On the HUB router, we have local office connecting to our DMVPN. Our international office is connected via normal GRE Tunnel for the mean time.
This solution has been running since December 2007 and recently we have been getting a lot of error logs on the HUB
003169: Sep 26 2008 14:04:34.570 EST: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=DMVPN HUB, prot=50, spi=0xF02E779F(4029577119), srcaddr=DMVPN SPOKE
I have program "crypto isakmp invalid-spi-recovery" on the global command and we are still getting the error after clear the IKE and IPSec SAs