As I started reviewing for an upcoming interview, I realized how critical the Network Access domain is—not just for the CCNA exam, but also for day-to-day enterprise network operations. This section covers how devices actually connect within a local network, including VLANs, wireless architecture, and management access protocols. Here’s a breakdown of what you need to know for the 2.0 domain.
2.1 VLAN Configuration
Virtual LANs (VLANs) allow network administrators to segment a switch logically into multiple broadcast domains.
- Access Ports: Assigned to a single VLAN; used for end devices.
- Voice VLANs: Dedicated VLANs for VoIP traffic.
- Default VLAN: Typically VLAN 1; used by management and control protocols.
- Inter-VLAN Routing: Required for communication between VLANs; usually handled by a Layer 3 switch or router.
2.2 Interswitch Connectivity
When VLANs span multiple switches, you need trunk links.
- Trunk Ports: Carry traffic from multiple VLANs.
- 802.1Q Encapsulation: Industry standard for tagging VLANs on Ethernet frames.
- Native VLAN: The VLAN that is not tagged on trunk ports (usually VLAN 1 by default).
2.3 Discovery Protocols
Discovery protocols help identify and document connected devices in the network.
- CDP (Cisco Discovery Protocol): Cisco-proprietary; shows directly connected Cisco devices.
- LLDP (Link Layer Discovery Protocol): Vendor-neutral alternative to CDP.
Both provide information like device ID, IP address, platform, and interfaces used.
2.4 EtherChannel (LACP)
EtherChannel is used to bundle multiple physical links into one logical link, increasing bandwidth and redundancy.
- LACP (Link Aggregation Control Protocol): IEEE standard (802.3ad) for dynamic EtherChannel negotiation.
- Can operate at Layer 2 (switching) or Layer 3 (routing).
- Benefits include load balancing and fault tolerance.
2.5 Spanning Tree Protocol (PVST+)
STP prevents Layer 2 loops, which can bring down a network.
- PVST+ (Per-VLAN Spanning Tree Plus): Cisco’s STP version that runs a separate instance per VLAN.
- Bridge Roles: Root bridge, designated, non-designated.
- Port States: Blocking, listening, learning, forwarding, disabled.
- Protection mechanisms include BPDU Guard, Root Guard, and PortFast.
2.6 Cisco Wireless Architectures and Modes
Enterprise Wi-Fi deployments can vary in structure. Cisco provides three main architectures:
- Centralized: Access points connect to a central Wireless LAN Controller (WLC).
- Converged: WLC is integrated into the access switch (for smaller setups).
- Cloud-Managed: Cloud-based dashboards (like Meraki) manage APs and policies.
Each architecture affects how APs are deployed, managed, and secured.
2.7 WLAN Infrastructure Connections
To build a reliable wireless network, correct physical and logical connections are key.
- Access/Trunk Ports: APs may use access ports for basic connectivity or trunk ports to carry multiple VLANs.
- Link Aggregation Groups (LAGs): Used to bundle links between APs/WLCs for redundancy.
- Cabling: APs typically connect via Ethernet with PoE.
2.8 Network Device Management Access
You must be able to access and manage your network infrastructure securely.
- Console Access: Local CLI access using a console cable.
- Remote Access:
  - Telnet: Insecure; not recommended.
  - SSH: Secure alternative.
  - HTTP/HTTPS: For GUI-based management.
- Authentication Protocols:
  - TACACS+: Cisco proprietary; separates authentication, authorization, and accounting.
  - RADIUS: Open standard; commonly used in enterprise.
Cloud-based tools are also available for remote and centralized management.
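A small audit of the remote-access options above, as an added example that is not part of the original post: it scans an IOS-style configuration for Telnet on vty lines and for the cleartext HTTP server. The sample configuration is constructed, and the function name audit_management_access is an assumption for illustration.

```python
# Constructed sample config for illustration (not taken from a real device).
SAMPLE_CONFIG = """\
hostname SW1
ip http server
no ip http secure-server
!
line con 0
 login local
line vty 0 4
 login local
 transport input telnet ssh
line vty 5 15
 login local
 transport input ssh
"""

def audit_management_access(config):
    """Return findings for cleartext management access in an IOS-style config."""
    findings = []
    vty = None        # header of the vty block currently being parsed, if any
    transports = {}   # vty header -> set of allowed protocols (None = not set)
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            # Any top-level command closes the previous "line ..." block.
            vty = line if line.startswith("line vty") else None
            if vty:
                transports[vty] = None
            if line == "ip http server":
                findings.append("global: cleartext HTTP management enabled")
        elif vty and line.startswith("transport input"):
            transports[vty] = set(line.split()[2:])
    for name, protos in transports.items():
        if protos is None:
            findings.append(f"{name}: no explicit 'transport input'; set 'transport input ssh'")
        elif protos & {"telnet", "all"}:
            findings.append(f"{name}: Telnet permitted ({' '.join(sorted(protos))})")
    return findings

if __name__ == "__main__":
    for finding in audit_management_access(SAMPLE_CONFIG):
        print(finding)
```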
2.9 WLAN GUI Configuration
Modern access points and controllers often provide a GUI for setup and management.
- Configure:
  - SSID: The network name visible to users.
  - Security: WPA2/WPA3, PSK or 802.1X.
  - QoS: Prioritize voice and video traffic.
  - Client Settings: Limit access, apply schedules or policies.
GUI tools simplify complex CLI configurations and help visualize performance and coverage.
Final Thoughts
The Network Access domain connects the theoretical foundation from Network Fundamentals to real-world implementation. Whether you’re managing VLANs, deploying wireless access points, or configuring management access, this is where networking becomes tangible.
In the next post, we’ll explore 3.0 IP Connectivity—where routing, OSPF, and static routes take center stage.