I have 12 UC520 units linked together over a DMVPN with IPSec tunnel protection. There is a 2901 router at the main location that is used as the hub. The problem is, if the hub gets reloaded, the tunnels on the other ends do not come back up automatically. I am forced to login to each UC520 and do a shut-no shut on the tunnel interface.
I read that GRE keep alives do not function with tunnel protection so I'm wondering if there's some other way to make the tunnels a little more resilient. My security association lifetime is currently set to 24hrs and I toyed with the idea of reducing that to make it rebuild the SA more often.
Any ideas?