1) DMVPN does not imply you are going to have spoke to spoke communitcation. You can still have a ery simple hub and spoke topology. The advantage with DMVPN is it is highly scalable, that is, as you add more and more spokes you do not have to touch the HUBs' config at all. Just a few lines of code on the spoke and it should be ready to run. This is the problem with a sim[ple IPSec VPN in that the lines of code to be added for each new spoke goes on increasing exponentially:
On a side note, you may in near future want to enable spoke to spoke communication and with IPSec VPN, this will pose a HUGE problem to say the least (with the routing, config, etc.).
Again with DMVPN, just a few lines of config and it should be ready to deploy.
2) DMVPN can run with static routes as well. It is not imperative you have dynamic routing. But in our sitiation, we need a "fallback" mechanism if one of the hubs fail, This will be possible only using dynamic routings protocols (eigrp, ospf, etc.) which are much more roubust than simple static routes.
Again, dynamic routing is much more scalable with addition of new spokes (and thereby new networks). You do not need to add static routes on all the hub sites but just one line of config on the spoke will enable this.
Considering the above and our requirement, i can not think of anything other DMVPN with dynamic routing.
I am assuming that the 2 HUB routers are in completely different goegraphic locations and hence HSRP also will not help us. Please do clarify this and let me know if there are any further queries.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :