Although I have no problem with backup/restore in ISA550 when I do it in the same device, I do have problems when restoring in one unit the backup of another unit, i.e. when cloning devices in order to avoid having to configure every device from scratch. Lets call A the master device and B and C the devices I try to clone (to save most of the configuration) to modify them later. I get two different situations here, but none of them works:
B reads without complaining the backup from A and gets the same configurations settings than A, but once modified appropriately to stablish a VPN Site-to-Site tunnel with A, ther is no way to make it work. Furthermore, this unit cannot be configured to VPN with A, even using the Site-to-Site wizzard (which resets all VPN settings).
C complaints when reading the backup from A and does not read it. However, this unit can be configured by hand using the wizzard and the VPN works fine.
So, I suspect that something in the backup identifies the unit in such way that VPN gets in troubles. What it does work is doing a FULL RESET of the unit B and then configure it manually.
I have reported the issue but the Cisco agent closed it simply saying that this cannot be done. I have serious dificulties believing that in you have N devices you have to do N configurations from scratch. I am aware that perhaps some codes must be removed before doing a backup, or that should be something like an "anonymous backup" for such objective, but I cannot accept that it is impossible to do.
I am looking for a reasonable way to do what it seems a basic feature.