ItsyourIP.com

Tag: vlan

  • How to create VLAN Interfaces for InterVLAN Routing in Cisco IOS

    VLAN Interfaces are required in network scenarios where you have different VLANs and need Inter-VLAN switching on Layer3 (Routing capable) switches. Every VLAN that needs to be routed should have a VLAN interface.

    Let’s say we have VLAN 10 which hosts the subnet 192.168.10.0 subnet, VLAN hosts 192.168.20.0 subnet and VLAN 30 hosts 192.168.30.0 subnet. For Inter-VLAN routing to work, we need to have a VLAN interface setup for each of these VLANs and configured with an IP address from the same subnet which will be the default Gateway for that subnet. Lets say, 192.168.10.254,192.168.20.254.192.168.30.254 are the IP addresses for VLAN Interfaces of VLAn 10,20,30 respectively.

    (more…)

  • How to prevent VLAN Hopping in Cisco Switches

    A malicious user can easily gain access to data on another VLAN to which he is not authorised to access using VLAN hopping. A VLAN Hoping attack can be launched by using a Switch Spoofing or Double Tagging of 802.1q trunking protocol. To have a quick insight into VLAN Hopping, click here.

    You can prevent VLAN Hopping in Cisco Switches as follows:

    (more…)

  • VLAN Hopping – Layer 2 Security exploit bypass Layer 3 security

    VLAN Hopping is a Layer 2 security exploit by which a malicous user connected to a switchport on a Switch assigned to a VLAN can hop on and gain access to another VLAN which otherwise is not accessible. This security exploit allows the malicous hacker to bypass the IP Securities implemented at Layer 3.

    (more…)

  • How to Configure Multiple Interfaces in Cisco IOS

    In Cisco IOS, "interface range" command can help you configure multiple interfaces in one single command. This can be a range of switch ports on a module or multiple ports on multiple module be it FastEthernet or GigabitEthernet or vlans on a Cisco Switch or a Router.

    Sometimes, simple tasks like enabling a bunch of Administratively shutdown ports, assigning a range of switchports to a particular VLAN can become boring and tedious. This is where the "interface range"  can help where we can specify a comma seperated list of range of ports or vlans in the interface configuration mode and any command issued from there will apply to all switchports.

    (more…)