Our current VPN is IPSec-based, with several SOHO sites connecting to corporate via IPSec tunnels. These sites do not have GRE-capable routers. However, we would still like to try to have connectivity between spoke sites using the corporate site as a routing hub.
The only thing that I have tried is to use bigger subnets on the ACLs defining the interesting traffic, but this did not work. I also tried messing around with statics, with no luck.
Is this going to be possible?
The spoke should have a route to reach the other spokes (I assume the hub already has all the routes to reach all the spokes). Then, as you said, the crypto ACL on the spokes and the hub router should match the spoke-to-spoke traffic.
In this case it should work, but the hub will decrypt and then re-encrypt the packet, so be careful with the impact on performance.
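
A sketch of the crypto ACL layout the answer describes, added here as an illustration and not posted by anyone in the thread. It assumes Cisco IOS crypto-map syntax, two spokes, and constructed values throughout: the hub LAN 10.0.0.0/24, spoke LANs 10.1.1.0/24 and 10.1.2.0/24, documentation-range peer addresses, and the names VPN, TS, TO-HUB, TO-SPOKE-A and TO-SPOKE-B. The ISAKMP policy, keys and transform set are taken to be the ones already in use for the working hub tunnels.

```cisco
! ---- Spoke A (LAN 10.1.1.0/24), tunnel to hub only ----
ip access-list extended TO-HUB
 permit ip 10.1.1.0 0.0.0.255 10.0.0.0 0.0.0.255   ! spoke A -> hub LAN
 permit ip 10.1.1.0 0.0.0.255 10.1.2.0 0.0.0.255   ! spoke A -> spoke B, via hub
crypto map VPN 10 ipsec-isakmp
 set peer 192.0.2.1                                ! hub public address (constructed)
 set transform-set TS
 match address TO-HUB
! Routing: 10.1.2.0/24 must leave via the crypto-map interface
! (the default route normally covers this).

! ---- Spoke B (LAN 10.1.2.0/24), mirror image of spoke A ----
ip access-list extended TO-HUB
 permit ip 10.1.2.0 0.0.0.255 10.0.0.0 0.0.0.255
 permit ip 10.1.2.0 0.0.0.255 10.1.1.0 0.0.0.255
crypto map VPN 10 ipsec-isakmp
 set peer 192.0.2.1
 set transform-set TS
 match address TO-HUB

! ---- Hub (LAN 10.0.0.0/24), one crypto map entry per spoke ----
! Each ACL is the exact mirror of that spoke's ACL, so traffic arriving
! decrypted from one spoke matches the entry for the other spoke and is
! encrypted again on the way out.
ip access-list extended TO-SPOKE-A
 permit ip 10.0.0.0 0.0.0.255 10.1.1.0 0.0.0.255
 permit ip 10.1.2.0 0.0.0.255 10.1.1.0 0.0.0.255   ! spoke B -> spoke A
ip access-list extended TO-SPOKE-B
 permit ip 10.0.0.0 0.0.0.255 10.1.2.0 0.0.0.255
 permit ip 10.1.1.0 0.0.0.255 10.1.2.0 0.0.0.255   ! spoke A -> spoke B
crypto map VPN 10 ipsec-isakmp
 set peer 198.51.100.10                            ! spoke A public address (constructed)
 set transform-set TS
 match address TO-SPOKE-A
crypto map VPN 20 ipsec-isakmp
 set peer 198.51.100.20                            ! spoke B public address (constructed)
 set transform-set TS
 match address TO-SPOKE-B
```

The ACL entries on each side of a tunnel have to be exact mirrors of each other; widening the subnet on one end only leaves the proposed selectors mismatched and the security association for spoke-to-spoke traffic will not come up.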