eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Having started in Europe, eduroam has gained momentum throughout the research and education community and is available more than 80 territories. (Reference http://www.eduroam.org)
(video courtesy www.aarnet.edu.au)
Benefits
High-speed wireless connectivity at hundreds of participating institutions worldwide
Easy to use
Data and privacy protected through WPA2/AES and IEEE802.1X
Provides a single solution for the mobile connectivity requirements.
Connect to eduroam
eduroam is based on IT industry standards and there are too many devices which support eduroam for them to be exhaustively listed here. As a general rule, you can verify whether your device can do eduroam by looking into your device's manual. Check for the following points
Does the device support wireless encryption with WPA2/AES?
Does the device support "Enterprise" authentication (this is sometimes also called "IEEE 802.1X support")?
If both are a "Yes", then your device is good to go in principle. There is one further question which is depending on your institution's eduroam setup though: Enterprise authentication happens via so-called "EAP Methods". University of Kelaniya is using PEAP as our EAP method for eduroam; and it must match your device's capabilities. For roaming visitors your institution will be able to tell you which EAP methods they support.
As a golden rule, you need to configure your device only exactly once, as instructed to by your home institution. From then on, you can use all eduroam hotspots world-wide without reconfiguring anything. Exactly how to configure your laptop or other handheld device for eduroam will depend on
Which device(s) you are using and
Your institution's local identity management configuration
If you know that your school / university / college does provide eduroam, please ask the IT staff for support with setting it up on your laptop or other devices.
If you are not sure whether or not your institution provides eduroam at all, the National Roaming Operator for your country may be able to help with your enquiry. To find out more, follow the linked maps from http://www.eduroam.org/ or http://eduroam.learn.ac.lk (Reference: https://wiki.geant.org/display/H2eduroam)
What is wireless?
Wireless networking, or Wi-Fi, uses radio waves to connect network devices (laptops, smartphones, etc) to wireless access points. Using UoK's secure wireless service, eduroam, you can connect your laptop or mobile device to the UoK network and the Internet - without plugging in any cables.
Secure your device before you connect
Before you connect to the UoK wireless service, your laptop or mobile device must comply with our Networking policies:
Ensure that your computer has the latest operating system updates or patches.
Ensure that your laptop or device has an up-to-date anti-virus software program
Set up the UoK wireless network connection on your Windows 7 laptop
Follow these steps to quickly set up the UoK wireless network on your Windows 7 notebook/laptop computer. For more detailed instructions view the set up and connection steps provided further below.
Ensure the WiFi device on your laptop is switched on. This will allow your laptop to automatically detect and capture UoK Wireless network (eduroam) settings.
To connect to eduroam:
Click Network in the bottom-right notification area of the toolbar.
The Wireless Network Connection dialog box appears.
Right-click eduroam connection and from the drop-down menu choose, Connect.
The Windows Security dialog box appears.
Enter your network username@kln.ac.lk
Enter your network password.
Click OK.
The Windows Security Alert dialog box reappears.
Click Connect. Note: You may be prompted more than once to enter your credentials. If this happens then repeat steps 3-4. Authentication certificate: It is also worthwhile noting that when you make your initial connection to eduroam you will be prompted to accept the authentication certificate for the primary UoK authentication server. Depending on the load and availability of this server, you may be required to accept the authentication certificate for the secondary server. This will result in both servers being added to your wireless configuration PEAP settings.
Click Network again to verify your eduroam connection status is Connected.
If your laptop can also connect via network cable:
Configure your web browser(s) for automatic proxy detection.
To save your eduroam credentials on your laptop so that you do not get prompted to authenticate every time you start your laptop, proceed as follows:
Click Network in the bottom-right notification area of the toolbar.
The Wireless Network Connection dialog box appears.
Right-click eduroam connection and from the drop-down list choose Properties.
The eduroam Wireless Network Properties dialog box appears.
Select Security.
Click Advanced settings.
The Advanced settings dialog box appears.
Select 802.1X settings.
Ensure the Specify authenication mode check box is selected.
Choose User authentication from the drop-down list.
Click Save credentials. Note: When you change your network password, you need to manually update the password in your eduroam settings. To do this, repeat steps 1-4. When you reach step 4 you will see the Replace credentials button instead of the Save credentials option. Enter your new password and complete the remaining steps. To remove all users credentials proceed to step 4 and select the Delete credentials for all users check box.
The Windows Security dialog box appears.
Enter your network username@kln.ac.lk
Enter your network password.
Click OK.
The eduroam Wireless Network Properties dialog box appears.
Click OK.
The Advanced settings dialog box appears.
Click OK.
Click Network again to verify that your eduroam connection status is Connected.
Note:
eduroam has now allocated an IP address to your device. You need to ensure that the wireless network connectivity on your system is not controlled by proprietary software or third party applications installed by hardware vendors as this may affect your connection to the UoK wireless network. Should you continue to experience problems connecting to eduroam, log a call with the IT Helpdesk, using one of the following methods:
Phone the IT Helpdesk on 444 or 0112903444
Connect to the UoK wireless network from your Windows 7 laptop
Windows 7 will attempt to connect to the UoK wireless network for the first time. If you see an Additional information is needed to connect to eduroam balloon pop-up in your system tray:
Click the balloon pop-up.
The Network Authentication dialog box appears.
Enter your network username@kln.ac.lk (i.e. staff/student number) and password.
Click OK.
You are now connected to the UoK wireless network.
If your computer does not automatically connect, then follow these steps.
Click the Start Orb | Control Panel | Network and Internet | Network and Sharing Center and click Connect to a Network.
The Connect to a network window opens.
Select the eduroam wireless network.
Click Connect.
The Network Authentication dialog box appears. (Note: it may prompt twice)
Enter your network username@kln.ac.lk (i.e. staff/student number) and password.
Click OK.
You are now connected to the UoK wireless network.
To setup the UoK wireless network on your Windows 8 notebook or laptop computer
From the Windows Metro start screen, click on the Desktop tile icon.
The Desktop screen appears.
Click on the network icon on the bottom right of the desktop.
The Networks modern/metro pane appears.
Right click on eduroam.
Select View connection properties.
The eduroam Wireless Network Properties dialog box appears.
Select Security.
Click Advanced settings.
The Advanced settings dialog box appears.
Select 802.1x settings.
Ensure the Specify authentication mode check box is selected.
Choose Under authentication from the drop-down list.
Click Save credentials. Note: When you change your network password, you need to manually update the password in your eduroam settings. To do this, repeat steps 1-4. When you reach step 4 you will see the Replace credentials button instead of the Save credentials option. Enter your new password and complete the remaining steps. To remove all users credentials proceed to step 4 and select the Delete credentials for all users check box.
The Windows Security dialog box appears.
Enter your network username@kln.ac.lk
Enter your network password.
Click OK.
The Advanced settings dialog box appears.
Click OK.
The eduroam Wireless Network Properties dialog box appears.
Click OK.
The Desktop screen appears.
Click on the network icon on the bottom right of the desktop screen to verify that your eduroam connection status is Connected
Set up and connect to the UoK wireless network from your MAC OS X v10.10 (Yosemite) laptop
Ensure that your computer's date and time is accurate. (This is required for certificate verification later in the process.)
Click the Wi-Fi icon in the menu bar at the top right corner of the screen and select Turn Wi-Fi On.
A dialog box appears requesting your credentials.
Enter your network username (username@kln.ac.lk) and password.
Click OK.
The Verify Certificate dialog box appears.
Click Continue.
An authentication dialog box appears.
Enter your Mac OS X username and password (local user account).
Click Update Settings.
You have successfully set up the UoK wireless network and you are now connected to the eduroam wireless network.
If your laptop can also connect via network cable:
Click OK.
The eduroam Wireless Network Properties dialog box appears.
Configure your web browser(s) for automatic proxy detection.
The Desktop screen appears.
Click on the network icon on the bottom right of the desktop screen to verify that your eduroam connection status is Connected
Note: To re-establish a network connection to eduroam after initial setup and connection:
Click the Wi-Fi icon in the menu bar at the top right corner of the screen and select eduroam from the list (you may need to wait a few seconds for the wireless networks to appear).
Set up and connect to the UoK wireless network from your MAC OS X v10.9 (Mavericks ), v10.8 ( Mountain Lion ) or 10.7 (Lion) laptop
Ensure that your computer's date and time is accurate. (This is required for certificate verification later in the process.)
Click the Wi-Fi icon in the menu bar at the top right corner of the screen and select Turn Wi-Fi On.
A dialog box appears requesting your credentials.
Enter your network username (username@kln.ac.lk) and password.
Click OK.
The Verify Certificate dialog box appears.
Click Continue.
An authentication dialog box appears.
Enter your Mac OS X username and password (local user account).
Click Update Settings.
You have successfully set up the UoK wireless network and you are now connected to the eduroam wireless network.
If your laptop can also connect via network cable:
Configure your web browser(s) for automatic proxy detection.
Note:To re-establish a network connection to eduroam after initial setup and connection:
Click the Wi-Fi icon in the menu bar at the top right corner of the screen and select eduroam from the list (you may need to wait a few seconds for the wireless networks to appear)
Set up and connect to the UoK wireless network from your Mac OS X v10.6 (Snow Leopard) laptop
Ensure that your computer's date and time is accurate. (This is required for certificate verification later in the process.)
Click the Wi-Fi icon in the menu bar at the top right corner of the screen and select Turn Airport On.
Click the Wi-Fi icon again and select eduroam from the list (you may need to wait a few seconds for the wireless networks to appear).
A dialog box appears requesting your credentials.
Enter your network username (username@kln.ac.lk) and password.
Select OK.
The Verify Certificate dialog box appears.
Select Continue.
An authentication dialog box appears.
Enter your Mac OS X username and password (local user account).
Click OK.
Click Apply.
You have successfully set up the UoK wireless network and you are now connected to the eduroam wireless network.
If your laptop can also connect via network cable:
Configure your web browser(s) for automatic proxy detection.
Set up and connect to the UoK wireless network from your Linux (SLED 10 - Gnome) laptop
To set up the connection via Network Manager, follow these steps.
Select Computer | More Applications.
The Application Browser window opens.
Click Network Manger Editor under the System section.
The Wireless Network dialog box is displayed.
Select eduroam from the Wireless Networks column.
The Wireless Network Key Required dialog box is displayed.
Network Manager automatically detects certain settings. Ensure that the following information is correct:
Wireless Security: WPA Enterprise
EAP Method: PEAP
Key Type: Automatic
Enter your username@kln.ac.lk (staff ID, 3rd party or student number) in the Identity field.
Enter your UoK network password in the Password field.
Note:
You do not have to enter any CA certificate information.
Click Connect.
You are now connected to the UoK wireless network.
If you're using a laptop that can also connect via network cable:
Configure your web browser(s) for automatic proxy detection.
Set up and connect to the UoK wireless network from your Linux (Ubuntu) machine
Note: These steps were tested on Ubuntu 13.04.
Click the network configuration icon on the taskbar. The Wireless Networks menu listing appears.
Select eduroam from the list.
The Wi-Fi Authentication Required dialog box appears.
Ensure that you set the following options:
Wi-Fi security: WPA & WPA2 Enterprise
Authentication: Protected EAP (PEAP)
PEAP Version: Automatic
Inner Authentication: MSCHAPv2
Enter your username@kln.ac.lk (staff ID, 3rd party or student number) in the Username field.
Enter your UoK network password in the Password field.
Leave all the other fields blank.
Click Connect.
The No Certificate Authority certificate chosen dialog box appears. Tick Don't warn me again. Click Ignore.
You have now successfully set up and connected your Ubuntu 13.04 workstation to the UoK wireless network.
If you're using a laptop that can also connect via network cable:
Configure your web browser(s) for automatic proxy detection.
Set up your mobile device and connect
Set up and connect to the UoK wireless network from your Apple iPad, iPhone, iPod or iPad Mini
Note: These steps have been tested on an Apple iOS device with iOS 7.1 installed.
To set up the connection, follow these steps.
On the Multi-Touch screen, tap the settings Settings application icon.
The Settings window appears.
In the Settings column, tap Wi-Fi.
The Wi-Fi Networks window opens.
Ensure that Wi-Fi is turned On.
The Choose a Network... section appears.
Tap eduroam.
The Enter Password dialog box opens.
In the Username field, type your staff/third party/student ID followed by @kln.ac.lk. In the Password field, type your network password. Tap Join.
The Certificate dialog box opens.
Tap Accept.
The Wi-Fi Networks window reappears, with a tick next to eduroam.
Press Home to go back to the Multi-Touch screen.
You can now open your web browser and browse the Internet.
Set up and connect to the UoK wireless network from your Android OS device
Note: These steps have been tested on a Samsung Galaxy S3 device with Android OS 4.1 (Jelly Bean) installed.
To set up the connection, follow these steps.
From the home screen, select Apps.
The Apps screen opens.
Select Settings.
The Settings screen appears.
Select the Wireless and networks tab.
The Wireless and networks screen appears.
Select the Wi-Fi checkbox to turn the wireless connection on.
From the Wi-Fi settings select arrow.
From the list of Wi-Fi networks, select eduroam.
The eduroam screen opens.
From the eduroam screen, set the following:
EAP method: PEAP
Phase 2 authentication: MSCHAPV2
Identity: enter your network username@kln.ac.lk (i.e. staff/student number).
Anonymous identity: Leave this field blank.
Password: your network password.
IP settings: DHCP.
Click OK / Connect.
eduroam should now show connected under Wi-Fi networks.
Select Home to return to the desktop.
Set up and connect to the UoK network on a BlackBerry (pre-BlackBerry 10)
These instructions or only for BlackBerry models that are older than BlackBerry 10.
Delete eduroam
On your BlackBerry device go to Setup | Wi-Fi | Saved Wi-Fi networks.
On the Saved Wi-Fi Networks screen, scroll to eduroam and press the BlackBerry button.
From the dropdown menu, press Delete.
Press OK.
Eduroam has been deleted from your mobile device. Press the back arrow to return to the main menu.
Reinstall eduroam
On your BlackBerry device go to Setup | Wi-Fi | Other ways to connect.
On the Other ways to connect screen, select Manually Connect to Network.
On the Manually Connect to Network screen, enter the following information:
SSID: enter eduroam
Ensure that the Use default name checkbox is selected.
Press Next.
Security Type: WPA/WPA2 Enterprise
Enterprise Sub-Type: PEAP
Username: username@kln.ac.lk (i.e. staff/student number) (ensure that there is no space after .lk)
Password: UoK password.
CA Certificate: thawte Primary Root CA
Inner link security: EAP-MS-CHAP v2
Token:
Server subject: leave empty
Server SAN: leave empty
Ensure that the Disable Server Certificate Validation checkbox is selected.
Press Save and Connect.
Your device is now connected to the eduroam wireless network.
Set up and connect to the UoK wireless network on other mobile devices
If your device's operating system is not covered elsewhere in this article, ICTC will provide best effort assistance for connecting your device to the wireless network. You can try to connect by using the settings below.
However, depending on which mobile device you are using, these settings may appear in a different order and some details may not be requested. You may need to click the Advanced tab to get to these settings.
Navigate to the Wi-Fi settings menu on your device.
Enter the following settings to connect the device to eduroam:
Network SSID: eduroam
Security Type: WPA2-Enterprise
Authentication Type: EAP/PEAP
2nd Phase authentication:MSCHAPV2
Identity / Username: enter your network username@kln.ac.lk (i.e. staff/student number).
Password: your network password.
IP settings: DHCP
Trusted Certificate:thawte Primary Root CA
Eduroam has been deleted from your mobile device. Press the back arrow to return to the main menu.