Hello Joseph,

I appreciate for your quick reply. But can you please send me an configuration example on the Both hub side configuration example? I have added both hub present config as well as the diagram example.

You can create a GRE tunnel between the two hubs over the internet and use EIGRP to use this route if metroethernet failes. A example of the config, replace THIS-HUB and OTHER-HUB with the public ip addresses.

crypto isakmp policy 1
 authentication pre-share
crypto isakmp key cisco123 address 0.0.0.0
!
crypto ipsec transform-set strong esp-aes 256 esp-sha-hmac
 mode transport

crypto map vpn 10 ipsec-isakmp
 set peer OTHER-HUB
 set transform-set strong
 match address 111

interface Tunnel1
 bandwidth
 ip address 192.168.10.x 255.255.255.252
 tunnel source gig1/0
 tunnel destination OTHER-HUB
 crypto map vpn
!
access-list 111 permit gre host THIS-HUB host OTHER-HUB

Hello Joseph,

thanks again for your quick reply. Presently we have 1841 router with ios 12.4. Currently we have the same configuration what you have sent. But now we have ISR series router for Hub which has 15.3 and we cannot create  crypto map on tunnel interface. Here is the message when crypto map is configured on tunnel interface.

crypto map Backup_Hub
% NOTE: crypto map is configured on tunnel interface.
        Currently only GDOI crypto map is supported on tunnel interface.

Hello mate,

I do apologize for late reply. The command you have sent last time worked like a charm. Thanks a lot for giving that time.  But after changes to DMVPN two locations have issues and the rest locations are working perfectly as it was expected. One of the location don't distribute the static subnet properly and another is not working due to some ios issue. Now I am sending you the which cannot redistribute properly. What I marked that the static route at spoke location is appeared as internal route on spoke as well as well Hub side which should be as external. I have defined the command as "redistribute static metric 10000 100 255 1 1500". But it didn't bring anything better. I cleared the route and tunnel. But the result is same as usual. 

Here is the output: 

Spoke side

Topology output:

sh ip eigrp topology 10.191.0.0/16
IP-EIGRP (AS 100): Topology entry for 10.191.0.0/16
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 28160
  Routing Descriptor Blocks:
  10.0.219.254, from Rstatic, Send flag is 0x0
      Composite metric is (28160/0), Route is Internal
      Vector metric:
        Minimum bandwidth is 100000 Kbit
        Total delay is 100 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 0
  172.26.100.91 (Tunnel0), from 172.26.100.1, Send flag is 0x0
      Composite metric is (3074560/2818560), Route is Internal
      Vector metric:
        Minimum bandwidth is 1000 Kbit
        Total delay is 20100 microseconds
        Reliability is 255/255
        Load is 47/255
        Minimum MTU is 1400
        Hop count is 2

Spoke Configuration:

ip prefix-list Static-Redist seq 5 permit 10.191.0.0/16
ip prefix-list Static-Redist seq 10 permit 10.192.0.0/16
ip prefix-list Static-Redist seq 15 permit 10.193.0.0/16
ip prefix-list Static-Redist seq 20 permit 10.196.0.0/16
ip prefix-list Static-Redist seq 25 permit 10.198.0.0/16
ip prefix-list Static-Redist seq 30 permit 10.0.219.0/24

route-map Static-to-EIGRP permit 10
 match ip address prefix-list Static-Redist

router eigrp 100
 redistribute static route-map Static-to-EIGRP metric 10000 100 255 1 1500
 passive-interface default
 no passive-interface Tunnel0
 no passive-interface Tunnel1
 network 10.0.0.0
 network 172.26.100.0 0.0.0.255
 no auto-summary
 eigrp router-id 10.0.219.252
 eigrp event-logging

ip route 0.0.0.0 0.0.0.0 88.X.X.X

ip route 10.191.0.0 255.255.0.0 10.0.219.254
ip route 10.192.0.0 255.255.0.0 10.0.219.254
ip route 10.193.0.0 255.255.0.0 10.0.219.254
ip route 10.196.0.0 255.255.0.0 10.0.219.254
ip route 10.198.0.0 255.255.0.0 10.0.219.254

You have a network statement with the 10.0.0.0/8 network. All static routes in 10.0.0.0/8 will be redistributed as internal. If you remove network 10.0.0.0 they should appear external. If you have other networks in 10.0.0.0/8 that need te be internal you should ad a more specific network statement.

Hello Joseph,

you are right: I have edited those lines under eigrp process and the network appears as external. But unfortunately I couldn't access the remote (DMVPN) local network still now. Before the remote users could able to access the local network at hub side. But now the user from remote local network (over DMVPN) cannot access the local network at hub and all central databank are unaccessable. The local Hub has different interface which are connected to Metro-Ethernet and I have change all the Metro-Ethernet locations to proper WAN network 10.0.0.0/17 instead of 10.0.0.0/8 and those remote users (over DMVPN) can access the local networks at Metro-Ethernet. So what I understand that the redistribute static network from remote (DMVPN) spoke's local network and HUB's local network are unaccessable.

I have added the log and present config from Hub and Spoke.