Keep in mind that a VLAN is just a broadcast domain. With a packet capture tool, you
capture whatever traffic happens to pop out the port your connected to. Connected
directly to a layer 2 switch (bridge) you will see all the broadcast/multicast traffic
in the VLAN.
*********** REPLY SEPARATOR ***********
On 3/21/2001 at 3:45 PM NetEng wrote:
>We have had a pissing match lately and here's the details. One person
>states
>that a VLan can not be sniffed because it is on a different subnet. The
>other person says it can becuase it's physically on the same switch. I
>think
>you can to a point. Here's what I mean; let's say we have a 3524 with two
>Vlans, VLAN1 (we'll call it InfoSys), and VLAN2 (called HR). If I have a
>sniffer running on InfoSys, I should be able to sniff traffic on my subnet
>as well as traffic from HR to InfoSys (ie HR employee accessing mail server
>on InfoSys), right? The only difference is that the source MAC address
>would
>change. I should not be able to sniff traffic local to HR (ie an employee
>accessing accounting software) right? What's the rub?
>
>
>
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
