Following situation. We have 3 C7140's to setup the needed VPN tunnels to the remote C7120 or C1710. The way IKE is configured is to use rsa_encr as authentication methode. This means using public key's of eachother to authenticate. Should a central 7140 fail and replaced, then the public key of that new router will be different from the old one. This means that the config of all remote routers must be updated to have them working again via the replaced router.
This is a very big task, so is there a way to keep the created key-pair of the broken C7140 on the new C7140 ? If not, is there a trick we can use to avoid this situation ?