{"id":1106,"date":"2013-09-19T13:10:07","date_gmt":"2013-09-19T12:10:07","guid":{"rendered":"http:\/\/www.phillips321.co.uk\/?p=1106"},"modified":"2013-09-19T13:58:49","modified_gmt":"2013-09-19T12:58:49","slug":"testing-multiple-vlans-the-easy-way-trunk-ports","status":"publish","type":"post","link":"https:\/\/www.phillips321.co.uk\/2013\/09\/19\/testing-multiple-vlans-the-easy-way-trunk-ports\/","title":{"rendered":"Testing multiple VLANs the easy way – Trunk Ports"},"content":{"rendered":"

Okay, so me and a colleague were tasked with a job which meant we had a short space of time to test around 300 devices spread over 10+ VLANs. We could have requested that a port was set up on each switch for us to gain access but we also had a trunk port set up. (Cheers to DK1 for the pointers)<\/p>\n

A trunk port basically allows you to set your device up to connect to multiple VLANs. In the Cisco world VLANs are local to each switches database and VLAN information is not generally passed between switches. Using a trunk port will allow you to connect two switches together so that they can send data regardless of VLAN.<\/p>\n

To set up a trunk port on a Cisco device you need to do roughly the following (milage might vary):<\/p>\n

1
2
3
4
5
6
7
8
<\/div><\/td>
interface GigabitEthernet0\/10
\n description PenTesting-delete after 31\/12\/13
\n switchport trunk encapsulation dot1q
\n switchport trunk native vlan 0
\n switchport mode trunk
\n switchport nonegotiate
\n no cdp enable
\nno shutdown<\/div><\/td><\/tr><\/tbody><\/table><\/div>\n

Trunk ports only carry VLAN tagged packets so when a switch receives data on it’s trunk port it forwards it to the VLAN denoted by the frame tag. The reason we have set native vlan 0<\/em> is to ensure that anything that isn’t tagged is set to a specific VLAN.<\/p>\n

Now that the switch is set up for trunking we need to ensure that our testing device is set up for VLAN trunking. In Kali Linux this is as easy as apt-get install vlan<\/em><\/p>\n

Then we need to set up the interfaces that we will associate with the VLANs. We can call them anything we want but in this instance we will call them vlanx<\/em> (where x<\/em> denotes the VLAN number).<\/p>\n

Open \/etc\/network\/interfaces<\/em> using your favourite text editor (we all know nano is best!). And then set up the interfaces as follows:<\/p>\n

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
<\/div><\/td>
# The loopback network interface<\/span>
\nauto lo
\niface lo inet loopback
\n
\n# VLAN Settings<\/span>
\nauto eth0
\n
\nauto vlan10
\niface vlan10 inet static
\naddress 10.0.0.200  
\nnetmask 255.255.255.0
\nvlan_raw_device eth0
\n
\nauto vlan172
\niface vlan172 inet static
\naddress 172.16.0.200
\nnetmask 255.255.255.0  
\nvlan_raw_device eth0
\n
\nauto vlan192
\niface vlan192 inet static
\naddress 192.168.0.200
\nnetmask 255.255.255.0  
\nvlan_raw_device eth0<\/div><\/td><\/tr><\/tbody><\/table><\/div>\n

Note: If you’re using Kali Linux make sure you remove entries from the network-manager to prevent it from trying to take over your network (Why the devs of Kali Linux defaulted to a network manager in a hacker distro I do not know, I mean aren’t the people using the distro meant to understand about networking and don’t need hand holding?)<\/p>\n

Disable networking by going to the networking manager in the top right and clicking “Edit Connections…<\/em>”
\n\"Screen<\/a><\/p>\n

Then delete all the network connections from the wired tab:
\n\"Screen<\/a><\/p>\n

Then you need to restart your networking so that the new VLAN interfaces are brought up:<\/p>\n

1
2
3
4
5
6
7
8
9
10
<\/div><\/td>
root@kali:~# <\/span>service networking restart
\n[<\/span>....]<\/span> Reconfiguring network interfaces...Ignoring unknown interface eth0<\/span>=eth0.
\nWARNING:  Could not open \/<\/span>proc\/<\/span>net\/<\/span>vlan\/<\/span>config.  Maybe you need to load the 8021q module, or maybe you are not using PROCFS??
\nSet name-type for<\/span> VLAN subsystem. Should be visible in<\/span> \/<\/span>proc\/<\/span>net\/<\/span>vlan\/<\/span>config
\nAdded VLAN with VID == 10<\/span> to IF -:eth0:-
\nSet name-type for<\/span> VLAN subsystem. Should be visible in<\/span> \/<\/span>proc\/<\/span>net\/<\/span>vlan\/<\/span>config
\nAdded VLAN with VID == 172<\/span> to IF -:eth0:-
\nSet name-type for<\/span> VLAN subsystem. Should be visible in<\/span> \/<\/span>proc\/<\/span>net\/<\/span>vlan\/<\/span>config
\nAdded VLAN with VID == 192<\/span> to IF -:eth0:-
\ndone.<\/div><\/td><\/tr><\/tbody><\/table><\/div>\n

To test that the interfaces are up run a quick arp scan across the interfaces using the following:<\/p>\n

1
<\/div><\/td>
for<\/span> i in<\/span> `<\/span>cat<\/span> \/<\/span>etc\/<\/span>network\/<\/span>interfaces |<\/span> grep<\/span> auto |<\/span> grep<\/span> -v<\/span> lo |<\/span> cut<\/span> -d<\/span>" "<\/span> -f<\/span> 2<\/span>`<\/span> ; do<\/span> arp-scan -l<\/span> -I<\/span> $i<\/span> ; done<\/span><\/div><\/td><\/tr><\/tbody><\/table><\/div>\n","protected":false},"excerpt":{"rendered":"

Okay, so me and a colleague were tasked with a job which meant we had a short space of time to test around 300 devices spread over 10+ VLANs. We could have requested that a port was set up on each switch for us to gain access but we also had a trunk port set […]<\/p>\n","protected":false},"author":1,"featured_media":1119,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[402,401,400,399],"_links":{"self":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/1106"}],"collection":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/comments?post=1106"}],"version-history":[{"count":13,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/1106\/revisions"}],"predecessor-version":[{"id":1123,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/1106\/revisions\/1123"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media\/1119"}],"wp:attachment":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media?parent=1106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/categories?post=1106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/tags?post=1106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}