Absolutemy agree. What I wanted to test is to have two separate devices not talking to each other or part of a cluster, just like to companies or two separate networks communicating only through https. And the issue was indeed a mac address conflict. I could have configured a new trial version device but I wanted to make this clone methd work as it is a quick way to test. I had a snapshot of the original vm made juste after the licence. I took a copy of this snapshot. in Vmware you have to choose 'I moved this' instead of 'I copied this' as copying will make vmware generate new hardware (machine and nic) ids and this will expire the trial version. Important: the snapshot was made before starting the device setup, only the license step was carried out. I added 3 nic to this copy, started it, vmware generated different macs for the three new devices. I shut the vm and then removed the initial three vm nics. I started the machine and initiated the config with the 'config' command. I had to do it two or three times before the command started the config screen. and now I have tow ve vms to play with. I need to simulate two perimeter networs with a complex APM/ADFS certificate/AD/Ldap/Kerberos auth :-) cheers !