eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Having started in Europe, eduroam has gained momentum throughout the research and education community and is now available in 72 territories. eduroam allows students, researchers and staff from participating institutions to obtain Internet connectivity across campus and when visiting other participating institutions by simply opening their laptop.
eduroam allows any user from an eduroam participating site to get network access at any institution connected to eduroam. Depending on local policies at the visited institutions, eduroam participants may also have additional resources at their disposal. The user credentials are kept secure because eduroam does not share them with the site you’re visiting. Instead they are forwarded to the user’s home institution, where they can be verified and validated. The system uses a network of servers run by the institutions, and the participating National Research and Education Networks (NRENs) to securely route these requests back to your home institute. All this happens seamlessly and virtually instantly – all thanks to eduroam!
The eduroam AU policy states that users must conform to their home institution’s network Acceptable Use Policy (AUP). Users are recommended to read and comply with the Acceptable Use Policy of visited institutions.
When using eduroam, the eduroam protocol prevents your institutional password from being revealed to any eduroam server other than your home institution’s eduroam server. So your login password is protected and remains secret between you and your home institution. However your username is visible to the SHCG RADIUS server and other eduroam infrastructure servers involved in getting your authentication request from your device to your home institution, and may be included in logs. Such logs are required to be protected by the institution running the RADIUS server.
|SSID (Network Name)||eduroam (case-sensitive)|
|Wireless Network Connection Protocol||WPA2 Enterprise|
|Data Encryption Method||AES|
The following authentication parameters apply for authentication of SHCG staff via eduroam (below assumes the realm is shcgeelong.catholic.edu.au):
|Identity||< SHCG username>@shcgeelong.catholic.edu.au|
|Anonymous Identity||Do not configure an anonymous identity|
|CA Certificate||Will auto-detect|
eduroam is available to general staff, academics, researchers and students from eduroam participating educational, research and related institutions globally.
When you’re at SHCG and connect to eduroam, due to relative complexity of wireless and eduroam infrastructures, you may experience difficulty in getting a network connection due to several reasons e.g. an issue with your device configuration, wireless networking, institutional eduroam operability or eduroam infrastructure operability. If network access issues occur, in the first instance eduroam users should contact their home institution’s IT helpdesk to seek support. If this is not possible, or if the home institution can’t resolve the issue, visiting users may contact the SHCG IT support (phone, email). If required, your home institution’s or SHCG eduroam support staff will contact AARNet, the eduroam AU national roaming operator, for additional assistance.
The eduroam trust model (between institutions remotely authenticating their users, and other institutions providing network access, via eduroam) is supported by the ability to trace a particular network access event to an authentication of a ‘real user’ by their home institution. Home institutions agree to take appropriate action on behalf of visited institutions in case a user doesn’t comply with the home institution’s network AUP.
In order to provide this traceability, remote authentication and network access transactions via eduroam are logged by SHCG, with logs being retained for a period of six months. Access to usage logs is restricted to authorised personnel and authorities as required by the law. Usage logs may also be used for purposes of service trouble-shooting and user support.
Support: visiting users may contact Sacred Heart College Geelong IT Support (#458, firstname.lastname@example.org)
Eduroam Compliance Statement (171 KB)
Sacred Heart College ICT Policy (2014 KB)