VLAN Hopping

onurcoskun · ‎04-19-2008

Hi all,

I have been trying to implement a scenario in which vlan hopping is performed.

From a packet generator I created a packet with the added 802.1q tags. The inner tag was the native vlan, and the outer was the destination vlan.

The problem is that the switch seems not to be interpreting the double (or single) tagged frame received on an access link. I had tried to send a single tagged frame also but that did not work either.

I use ethereal to capture the frames sent out on the access port and the tag appears properly on the frame.

Any help appreciated.

Regards

onurcoskun · ‎04-19-2008

Also, is there a means to enable 802.1q double tagging

on an access link?

cisconoobie · ‎04-20-2008

If the port is setup with switchport mode access it will not allow vlan tagging.

Dont hardcode the port with anything, leave it default or use dynamic desirable.

Use your PC and fake a trunk and inject the frames.

onurcoskun · ‎04-21-2008

I think the IOS on the 3750 do now allow double tagged frames on an access port.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_se/configuration/guide/swint.html#wp1107751

Below is what the link says about tagged frames on access ports:

If an access port receives a tagged packet (Inter-Switch Link [ISL] or 802.1Q tagged), the packet is dropped, and the source address is not learned.