Access Ports

An access point is a type of switch port that can carry a single VLAN and it usually only connects to end devices. Think computers, printers, and physical servers, this access port does not carry any 802.1Q VLAN tag. In fact if it receives a tagged frame from an end device it will just drop the frame entirely. Even if the tag is the correct VLAN.

This is a measure to protect the network from VLAN hopping attacks. Older network devices may have allowed the frame to pass-through if the VLAN tag matched or even if any tagged frame was inserted. This has been changed over the years and it depends on the type of hardware.

In the end putting devices into an access VLAN is how devices in a network can communicate on the same VLAN while across different switches. Assuming trunk links between those switches are configured.