2.3.1. Key conceptsΒΆ

This section introduces the concepts that must be understood to start using Turbo IPsec.

The CLI comes with traditional features, such as completion, history and contextual help. It relies on a YANG data model that users browse as they would browse a file system, for example, / jumps to the root of the configuration, .. moves one level up. Relative and absolute paths can be used to refer to configuration data, making browsing very efficient.

At the root of the data model, there are two trees: config and state. The items in config represent the target configuration, while the ones in state represent the actual state of the system. As a result, state generally includes the items in config, plus additional runtime information, such as the statistics, or the IP addresses obtained through DHCP for example.

Another important concept is the one of VRFs. The management system splits the device into VRFs. Each VRF has its own set of IP addresses, routing tables, firewall rules, and other network-related resources. The configuration of most networking services occurs inside a VRF context. The default VRF is called main. In this guide, we focus on a single VRF use case and everything will be configured in the main VRF.

See also

The CLI User Guide for details.

Three user accounts are provided by default:

Account Default password Description
admin admin Standard account to manage Turbo IPsec through CLI
viewer viewer Same as admin, restricted to monitoring purposes
root 6windos Provides the ability to log into the Linux subsystem as superuser. This account is provided for initial system configuration and restricted to the use cases covered in this documentation.

Note

For security reasons, it is recommended to change the default passwords of preconfigured users.

  • For root, this is done from the Linux shell using the passwd command.
  • For admin and viewer, this is done from the CLI as documented in the CLI User Guide, Basics section.

See also

The CLI User Guide, Basics section, for more information about user accounts.