I want to see if there is a better, best-practice way to make the quad-0 (default route to the internet) available if the site fails over to VPN when the main circuit is down. As it is now, when a site fails over to VPN it uses that connection for internet traffic, but I want it to use our normal internet connection. This is the config I found, but it does not seem to work. I am doing S2S VPN with routers and it works fine; I would just like the internet traffic to go through our primary internet connection and not out the VPN failover connection.
router eigrp 1
 redistribute static route-map static2eigrp
route-map static2eigrp permit 10
 match ip address 10
access-list 10 permit 0.0.0.0
Without deploying at least a point-to-point GRE you cannot extend EIGRP over the VPN connection, so there is no use in trying to generate a default route in EIGRP.
I would post a link to a solution reference network design using point-to-point GRE.
DMVPN should be the target solution if the number of remote sites is high.
Without GRE you should encrypt all traffic exiting the interface on the remote site, and so the ACL used for IPsec should contain an any keyword, and this is not recommended.
Hope to help