In this topology a centralized internet access for corporate users through the Hub HQ site and a Direct Internet Access for guest users are configured as shown below with the configuration of Hub and Spoke1.
The ping from the guest-PC1 is 100 percent successful and the traceroute confirms that the Guest is going directly to INTERNET using the local gateway Spoke1 as expected.
But the ping from the corporate-PC1, some packets are lost, the traceroute confirms that the packets to INTERNET are going through the tunnel DMVPN to the hub then to internet as expected.
Hub:
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Tunnel1
ip address 172.16.1.1 255.255.255.0
no ip redirects
no ip split-horizon eigrp 1
ip nat inside
ip nhrp network-id 1
ip summary-address eigrp 1 0.0.0.0 0.0.0.0
tunnel source Ethernet0/0
tunnel mode gre multipoint
!
interface Ethernet0/0
description to INTERNET
ip address 1.1.1.1 255.255.255.0
ip nat outside
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
!
ip nat inside source list 100 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 1.1.1.2
Spoke1:
ip vrf INTERNET
!
interface Loopback0
ip address 10.2.2.2 255.255.255.0
!
interface Loopback1
ip vrf forwarding INTERNET
ip address 192.168.2.2 255.255.255.0
ip nat inside
!
interface Tunnel1
ip address 172.16.1.2 255.255.255.0
no ip redirects
ip nhrp map multicast 1.1.1.1
ip nhrp map 172.16.1.1 1.1.1.1
ip nhrp network-id 1
ip nhrp nhs 172.16.1.1
tunnel source Ethernet0/0
tunnel mode gre multipoint
tunnel vrf INTERNET
!
interface Ethernet0/0
description to INTERNET
ip vrf forwarding INTERNET
ip address 2.2.2.1 255.255.255.0
ip nat outside
!
interface Ethernet0/1
description to Guest
ip vrf forwarding INTERNET
ip address 192.168.4.1 255.255.255.0
ip nat inside
!
interface Ethernet0/2
description to corporate
ip address 192.168.5.1 255.255.255.0
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
network 192.168.4.0
network 192.168.5.0
!
ip nat inside source list 1 interface Ethernet0/0 vrf INTERNET overload
ip route vrf INTERNET 0.0.0.0 0.0.0.0 2.2.2.2