What is eduroam?
eduroam is short for "education roaming".
eduroam is a location independent wireless network, allowing mobility between participants wireless infrastructure with seamless federated user authentication and enforcement of local security policy. eduroam allows users from participating institutions to gain secure access to wireless network access using their standard username (email format)/password credentials as they do at their home institution for wireless access.
eduroam is based on a federated authentication model where your username and password are validated at your home institution (identity provider) and access to authorised network services are controlled by the visited institution (service provider). Over 20 Australian universities participate in eduroam, eduroam is being deployed at hospitals to assist medical researchers. eduroam is also available across the three confederations worldwide, Asia Pacific, Europe and The Americas, for more detail on worldwide coverage see eduroam.org
eduroam is a global service enabling staff and students of HE&R and related institutions to visit another eduroam participating institution and connect to the visited institution's wireless network automatically, i.e. with zero effort for both user and visited institution.
Via the eduroam infrastructure provided by ARC, AARNet and global NRENs, ARC enables the user's 'home institution' to authenticate the user remotely. ARC grants local wireless network access to users authenticated via eduroam.
If configured correctly, the eduroam user should be able to get a network connection at a visited institution just by opening their laptop or activating their phone or tablet device.
The physical locations within ARC providing eduroam access to their networks, allowing visitors from HE&R institutions to access wireless networking as easily as they would on their own campus, are:
- Majura Park Offices, 11 Lancaster Place Majura Park
- First floor office space
- Second floor office space
- Cotter room Theatrette and meeting rooms on ground floor
Trust in eduroam authentication is underpinned by use of a proven secure technical infrastructure and protocol, and a set of policies to which all eduroam participants are required to comply.
More about eduroam is available from AARNet, the eduroam AU 'roaming operator'.
In participating in eduroam AU, ARC agrees to conform to the eduroam AU Policy for eduroam Service Providers (which in turn means it agrees to comply with Global eduroam Policy for eduroam Service Providers).
What is the users' responsibility in using eduroam?
eduroam AU policy states that users must conform to their home institution's networking Acceptable Use Policy (AUP).
Users are recommended to read and comply with the Acceptable Use Policy of visited institutions.
What about user privacy?
The eduroam protocol prevents your institutional password from being revealed to any eduroam server other than your home institution eduroam server. So your login password is protected and only known by you and your home institution.
Your username is revealed to the ARC RADIUS server and other eduroam infrastructure servers involved in getting your authentication request from your device to your home institution.
ARC Wireless Settings
|SSID (Network Name)||eduroam (case-sensitive)|
|Wireless Network Connection Protocol||WPA2 Enterprise|
|Data Encryption Method||AES|
ARC Staff using eduroam
ARC staff should configure eduroam locally (i.e. while in the ARC building) for authentication to ARC before travelling to other eduroam participating institutions.
The following authentication parameters apply for authentication of ARC staff via eduroam:
|Identity||<Your ARC ID>@arc.gov.au|
|Anonymous Identity||<Your ARC ID>@arc.gov.au|
|CA Certificate||Will auto-detect|
Visitors using eduroam at ARC
Who can use eduroam at ARC?
eduroam is available to academics, researchers and students from eduroam participating HE&R and related institutions globally.
How do I use eduroam at ARC?
Note: as an eduroam user, you should have already configured access to eduroam while on your home campus, using the authentication parameters provided by your home institution local eduroam webpage.
Accessing eduroam successfully within ARC requires only that your configured wireless network connection and encryption protocol is compatible. The wireless encryption protocol used by ARC access points is the WiFi standard "WPA2/AES" (also called WPA2 Enterprise).
Note: There is no need to change any of your authentication parameters. These are only relevant to your home institution. If you have successfully configured authentication to eduroam at your home institution, you should be able to access ARC offices network via eduroam with no change to your setup.
Where exactly can I use eduroam within ARC?
ARC provides eduroam within all office, meeting and conference spaces of the ARC premises at 11 Lancaster Place Majura Park Offices.
Network Services Provided
ARC provides full outbound access with NAT'ed IP addresses (i.e. any servers on those machines will not be accessible externally while connected to the ARC network).
How do I get support in using eduroam?
When you're at the ARC offices and connect to eduroam, you may experience difficulty in getting a network connection due to several reasons e.g.an issue with your device configuration, wireless networking, institutional eduroam operability or eduroam infrastructure operability.
If network access issues occur, in the first instance eduroam users should contact their home institution's IT helpdesk to seek support.
If this is not feasible, or if your home institution can't resolve the issue, users may contact the ARC Assist IT support team on 6287 6699 or assist[@]arc.gov.au.
If required, your home institution's or ARC eduroam support staff will contact AARNet Pty Ltd for additional assistance.
What Usage Logs are kept by ARC and what are they used for?
eduroam trust between ARC and users' home institutions (those authenticating their users) is supported by the ability to trace a particular network access event to an authentication of a 'real user' by their home institution.
Home institutions agree to take appropriate action on behalf of ARC in case a user doesn't comply with ARC's Acceptable Use Policy.
In order to provide this traceability, network access transactions via eduroam are logged by ARC, with logs being retained for a period of six months. Access to usage logs is restricted to authorised personnel and authorities as required by the law.
Usage logs may also be used for purposes of service trouble-shooting and user support.
Content Last Modified: 28/10/15