Section 43 – Review 1

Section 43 Tasks

  • Take the exam below
  • Complete the challenge lab
  • Review switchport security (it can appear in the ICND2 exam)
  • Read the ICND2 cram guide (and the ICND1 cram guide, if taking the CCNA exam)
  • Spend 15 minutes on the website

Section 43 Exam

  1. How do you turn off CDP on a router interface?
  2. Write down the configuration to enable IPv6 on your router.
  3. Write down all the administrative distances you remember.
  4. What are the two available PPP authentication types? How do you configure them?
  5. What are the OSI Data Link sublayers of PPP?

Section 43 Answers

1. Issue the no cdp enable command.

2. Enabling IPv6 on the router:

R1(config)#ipv6 unicast-routing
R1(config)#ipv6 router eigrp 1
R1(config-rtr)#eigrp router-id
R1(config-rtr)#no shutdown
R1(config)#interface GigabitEthernet0/0
R1(config-if)#ipv6 address 3fff:1234:abcd:1::1/64
R1(config-if)#ipv6 enable
R1(config-if)#ipv6 eigrp 1

3. Administrative distances:

4. Check the PPP labs.

5. NCP, LCP, and HDLC.

Section 43 Lab – PPP and NAT



Connect two routers together with a serial or crossover cable:

  1. Add IP addresses to the routers and a Loopback interface on Router A, according to the diagram (NAT shouldn’t be in the ICND2 exam but it’s been known to appear again!)
  2. Turn on debug ppp negotiation and debug ppp authentication
  3. Configure PPP authentication CHAP for the WAN connection
  4. Designate NAT inside and outside interfaces
  5. Add a static route on Router B to send all traffic back to Router A
  6. Ping between Router A and Router B to test the serial line (remember clock rates)
  7. Turn off all debugging with the undebug all command
  8. Create a NAT pool of 172.16.1 to 10, inclusive
  9. Create two ACL lines to permit the Loopback networks (/24) for NAT
  10. Turn on NAT debugging
  11. Source two extended pings, one each from L0 and L1 from A to B
  12. Check the NAT translation table

Solution Hints and Commands

  • CHAP authentication: define a username and password for the remote devices; add the ppp authentication chap command on the interface
  • Issue the ip nat inside and ip nat outside commands on the interfaces to enable NAT
  • Issue the ip route command to configure a static route
  • Issue the ip nat pool <name> <start_ip> <end_ip> netmask <mask> command
  • Issue the ip nat inside source list x pool <name> overload command
  • Issue the debug ip nat command


Inline Feedbacks
View all comments
Would love your thoughts, please comment.x