2.3.1. Key concepts¶
This section introduces the concepts that must be understood to start using Turbo IPsec.
The CLI comes with traditional features, such as completion, history and
contextual help. It relies on a YANG data model that users browse as they would
browse a file system, for example,
/ jumps to the root of the configuration,
.. moves one level up. Relative and absolute paths can be used to refer to
configuration data, making browsing very efficient.
At the root of the data model, there are two trees:
config represent the target configuration, while the ones in
represent the actual state of the system. As a result,
includes the items in
config, plus additional runtime information, such as
the statistics, or the IP addresses obtained through DHCP for example.
Another important concept is the one of VRFs. The management system splits
the device into VRFs. Each VRF has its own set of IP addresses, routing
tables, firewall rules, and other network-related resources. The configuration
of most networking services occurs inside a VRF context. The default VRF is
main. In this guide, we focus on a single VRF use case and
everything will be configured in the
The CLI User Guide for details.
Three user accounts are provided by default:
||Standard account to manage Turbo IPsec through CLI|
||Provides the ability to log into the Linux subsystem as superuser. This account is provided for initial system configuration and restricted to the use cases covered in this documentation.|
For security reasons, it is recommended to change the default passwords of preconfigured users.
root, this is done from the Linux shell using the
viewer, this is done from the CLI as documented in the CLI User Guide, Basics section.
The CLI User Guide, Basics section, for more information about user accounts.