What is eduroam?
eduroam is a global service enabling staff and students of educational, research and related institutions to share wireless network access, allowing easy inter-institutional roaming. Visitors use the login of their home institution to access the network of other institutions while visiting.
Eduroam infrastructure provided by eResearch South Australia (eRSA), AARNet and global NRENs enables a visitor’s ‘home institution’ to authenticate the visitor remotely. Upon successful authentication, eRSA grants wireless network access to visitors authenticated via eduroam. Other eduroam participating institutions similarly grant network access to visiting staff from eRSA.
If configured correctly, the eduroam user should be able to get a network connection at a visited institution just by opening their laptop or activating their phone or tablet device.
More information about eduroam is available from AARNet, the eduroam AU ‘roaming operator’.
Trust in eduroam authentication is underpinned by use of a proven secure technical infrastructure and protocol, and a set of policies to which all eduroam participants are required to comply.
In participating in eduroam AU, eRSA agrees to conform to the Global eduroam Policy and the eduroam AU policy maintained by AARNet.
What is the users’ responsibility in using eduroam?
The eduroam AU policy states that users must conform to their home institution’s network Acceptable Use Policy (AUP).
Users are recommended to read and comply with the Acceptable Use Policy of visited institutions. Visiting eduroam users should refer to eRSA General Conditions of Use.
What about user privacy?
When using eduroam, the eduroam protocol prevents your institutional password from being revealed to any eduroam server other than your home institution’s eduroam server. So your login password is protected and remains secret between you and your home institution.
However your username is visible to the eRSA RADIUS server and other eduroam infrastructure servers involved in getting your authentication request from your device to your home institution, and may be included in logs. Such logs are required to be protected by the institution running the RADIUS server.
eRSA’s Wireless Settings
|SSID (Network Name)||eduroam-eRSA (case-sensitive)|
|Wireless Network Connection Protocol||WPA2 Enterprise|
|Data Encryption Method||AES|
eRSA users using eduroam
eRSA users should configure eduroam authentication locally (i.e. while on eRSA campus) and confirm successful authentication by eRSA eduroam infrastructure before travelling to other eduroam participating institutions.
The following authentication parameters apply for authentication of eRSA staff via eduroam (below assumes the realm is ersa.edu.au):
|Identity||<Your eRSA username>@ad.ersa.edu.au|
|Anonymous Identity||Do not configure an anonymous identity|
|CA Certificate||Will auto-detect|
User Device Configuration
Device configuration guidelines an be found here.
Visitors using eduroam at eRSA
eduroam is available to general staff, academics, researchers and students from eduroam participating educational, research and related institutions globally. For more information please visit the FAQ page.