Still, there's that one in a million shot that there is an exploitable flaw.
Of course, it's certainly much better odds than that if you're running a network simulation and have several ?'s on the topo for things running proprietary protocols you likely know not much about.
Is there a logical separation at the switch? Sounds likely. What about the switch, does it have an admin login/password? If that switch is crackable, then the logical separation of the network is hosed.
There's still the matter of crafting those packets so they are heard, and while I have little idea how to do it, it's not something that can't be done.
I don't think whatever hack Roberts came up with work work in the wild. In a simulation it works great because it's a damn simulation*.