We have setup a Remote Access VPN, using Cisco VPN client in our test environment. Everything is working properly. We were able to login to Cisco VPN client and access the internal resources. However, we want to copy the same config to another ASA. We want to use the same group policies, same tunnel groups, etc. We only need to change the IP address of the Outside interface and the default gateway of the Outside interface. Another word, we want to keep everything the same. If we copy the same config to another ASA (production), do we need to change anything else? Thanks.
Don't forget to change the management address, otherwise ugliness ensues as the two boxes compete for it.
i use an app called ConText (Freeware) for editing ASA/PIX configs, its awesome when you load in the free highlighter package for Cisco devices, its a must if you are manually editing configs in my opinion.
If i remember from memory it is probably worth also removing all the certificate information that gets generated by the device when you enable encryption.
well yeah the nat rules, here is a small tip
get all the config and open it in a notepad, do a find for the public ip or public ip network and this will tell you what to replace