A VLAN (Virtual Local Area Network) is a logical grouping of network devices that share the same broadcast domain, regardless of their physical location or connection1.
VLANs can be used to segment the network into different departments, functions, or security levels, and to improve the performance, security, and manageability of the network1.
To access the resources on a VLAN, a device needs to be assigned to the same VLAN ID, either statically or dynamically, and the switch needs to be configured to support VLAN tagging and trunking12.
In this scenario, the most likely cause of the problem is that the last few salespeople were assigned to the wrong VLAN, either by mistake or by lack of available ports on the correct VLAN3.
This would explain why they can access the corporate materials on the network, which are probably shared across all VLANs, but not the sales-specific resources, which are probably restricted to the sales VLAN3.
The other options are less likely to cause the problem, as they would result in different symptoms or errors, such as:
The switch was configured with port security: Port security is a feature that limits the number of MAC addresses that can be learned on a switch port, and prevents unauthorized devices from accessing the network. If port security was the cause, the new devices would not be able to connect to the network at all, or they would trigger a security violation and shut down the port.
Newly added machines are running into DHCP conflicts: DHCP (Dynamic Host Configuration Protocol) is a protocol that assigns IP addresses and other network configuration parameters to devices automatically. A DHCP conflict occurs when two devices have the same IP address on the network, which causes connectivity issues and IP address errors. If DHCP conflicts were the cause, the new devices would not be able to access any network resources, not just the sales-specific ones.
The IPS was not configured to recognize the new users: IPS (Intrusion Prevention System) is a device or a software that monitors the network traffic and blocks or alerts on any malicious or suspicious activity. If the IPS was not configured to recognize the new users, it might flag their traffic as anomalous or unauthorized, and block or drop their packets. However, this would affect their access to all network resources, not just the sales-specific ones, and it would also generate IPS logs or alerts that could be checked by the network administrator. References:
1: CompTIA Network+ N10-008 Cert Guide, 1st Edition, Chapter 7: Virtual Networking, pp. 279-282
2: CompTIA Network+ N10-008 Cert Guide, 1st Edition, Chapter 7: Virtual Networking, pp. 283-287
3: CompTIA Network+ N10-008 Cert Guide, 1st Edition, Chapter 7: Virtual Networking, p. 288
: CompTIA Network+ N10-008 Cert Guide, 1st Edition, Chapter 14: Network Security, pp. 581-582
: CompTIA Network+ N10-008 Cert Guide, 1st Edition, Chapter 11: Network Services, pp. 447-449
: CompTIA Network+ N10-008 Cert Guide, 1st Edition, Chapter 14: Network Security, pp. 589-590
