How does eduroam work?

The technology

eduroam is based on 802.1X* and a linked hierarchy of RADIUS servers containing users’ data (usernames and passwords). Participating institutions must have operating RADIUS infrastructure and agree to the terms of use. eduroam can be set up in three easy steps:

  1. Set up a RADIUS server connected to your institutional identity server (LDAP).
  2. Connect your access points to your RADIUS server.
  3. Federate your RADIUS server.

The RADIUS hierarchy forwards user credentials securely to the users’ home institutions, where they are verified and validated.

To protect the privacy of the traffic from the user’s device over the wireless network, the latest up-to-date data encryption standards are used.

The user’s home institution is responsible for maintaining and monitoring user information, even when the user is at a guest campus. Thus, this data is not shared with other connected institutions.

*802.1X is an IEEE Standard for port-based Network Access Control and provides an authentication mechanism to devices wishing to attach to a LAN (local area network) or Wireless LAN.

eduroam CAT

The eduroam Configuration Assistant Tool (CAT) as been developed to help organisations offering their users eduroam access. The tool is customised to support your campus’s individual configuration and implements this across a variety of platforms.

CAT protects your users against rogue Wi-Fi hotspots accessing usernames and passwords. CAT greatly reduces the manpower required to implement eduroam and provides a better service both for you and your users.

CAT allows you to:

  • login using federated access;
  • upload server certificates, helpdesk contacts, institution information, eduroam settings etc.;
  • choose to deeplink/embed CAT in your online information or send your users direct to CAT, where they can install and activate correctly-configured eduroam software on their own devices, saving you time;
  • use a suite of tools to monitor and manage your campus eduroam service.

Contact your national-level Roaming Operator to authorise your use of CAT.

To find out more about CAT click here.