You can reconfigure all your VPNs to use the same interface. Probably you have a default-route on the interface for your RA-VPNs and static routes on the other interface for your site-to-site VPNs. Which one do you want to keep? Migrating the Site-2-Site-VPNs to the other interface is easier as you can move one VPN at a time. If you want to use the interface without the default-route you have to move all your RA-VPNs at once.
If that's not your scenario, give some more info about your network and your config.
Re: Site-to-Site and Remote-Access on same interface
Well, migrating the S2S-VPNs to the new link should be easy. RA can be a little more tricky because the clients have to know the new IP-address. For that you have multiple options:
If your clients have a FQDN configured as the Peer-address, then you can change it in DNS the day you want to start your migration.
If your clients have the IP of T1(1) configured you can use mode-config to push a backup-server-list where your new IP is included. You have to wait until all clients have connected to download the new list, then you can reconfigure the RA-VPN to the new link. The clients will try to reach the old address, fail with that and then try the next backup-server which is your new IP-address. Later your clients can be cleaned with new settings in the PCF. Or even better, let the old clients phase out (the IPSec client is EOL announced) and migrate to AnyConnect.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...