VLAN Hopping

VLAN hopping is an attack that attempts to access traffic on other VLANs via switch misconfigurations.

Updated: 2026-03-06

Definition

VLAN hopping can occur via switch spoofing (negotiating a trunk) or double-tagging in some scenarios.

Hardening trunk/access ports and disabling DTP reduce the risk.

Key points

Exploit misconfigured trunks/access ports
Disable DTP where not needed
Prune VLANs and avoid native VLAN issues

Common mistakes

Leaving ports in dynamic mode (auto/desirable) unnecessarily.
Using VLAN 1 as native VLAN everywhere.

Related exams

Cisco CCNA 200-301

Free CCNA 200-301 mini test with focused next steps. Continue in the app for offline packs and detailed explanations.

CompTIA Security+ (SY0-701)

Free Security+ SY0-701 mini test with focused next steps. Continue in the app for offline packs and detailed explanations.

Related terms

Want to practice this in exam-style questions?

Use the mini tests on each exam page, then continue in the app for offline packs and detailed explanations.