When travelling abroad, it is expensive to use data roaming service. If you like to get a free WiFi account at the institute you are visiting, it may require you to follow few complicated steps before an account is issued to you. If you are going to visit an institute abroad, eduroam (Education Roaming) eliminates the need for a guest account to access wireless network.
When UM’s faculty staff members and students visit eduroam participating institutions, they can connect to eduroam using their UM wireless LAN credentials. Visitors to UM from participating eduroam universities can use UM’s eduroam service using their home institution credential, too.
eduroam is a worldwide federation using the technology of RADIUS authentication through IEEE 802.1x and WPA or WPA2 for encrypting traffic. It involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is the client device that wishes to attach to the wireless LAN, the authenticator is the wireless Access Point (AP) and the authentication server is the host supporting the RADIUS authentication.
Now, let’s see how the roaming confederation works together to deliver the worldwide eduroam service. For example, when Jenny, a student of UM, visits Sydney University in Australia. She tries to associate the SSID eduroam, she inputs her credentials same as using UM wireless LAN. She may need to change the configuration setting such as authentication and encryption types of eduroam. Since Jenny is trying to access eduroam at the University of Sydney, she needs to follow the setting recommended by University of Sydney. To prevent any inconvenience we recommend to check the eduroam setting before visiting an educational institution abroad.
When Jenny connects to eduroam at University of Sydney, her credentials are passed through the wireless LAN system of University Sydney route to UM eduroam authentication server via the global eduroam network. There is no need to worry about the security of user credentials. Credentials will not be saved on any other RADIUS servers throughout the routing paths.
All the credentials data will be processed by UM eduroam authentication server. When Jenny’s request will arrive at UM eduroam authentication server, her credentials will be verified and then the authentication information, with either Accept or Reject confirmation is sent back through global eduroam network finally reaching University of Sydney.
If Jenny’s credentials are accepted by UM, University of Sydney grants wireless LAN access to Jenny, and the network policy, such as access right of websites, the internet speed and other user policy will be controlled by University of Sydney not UM.
Frequently Asked Questions
Who can use the eduroam outside UM?
All UM’s faculty, staff and students can use eduroam when they visit the participating institutions joined with eduroam. Please note that user credentials (login ID and password) are the same as the wireless LAN account.
What steps are required before eduroaming outside UM?
To use eduroam, user’s device must be compatible with 802.1x authentication and WPA/WPA2 for the traffic encryption like UM_SECURED_WLAN. As the authentication and encryption setting follows the visiting institution, user is recommended to check the setting according to the instructions provided by the institution one is visiting.
What happens after connected to eduroam outside UM?
After connected to eduroam outside UM, user’s network policy and rules will be controlled by the visiting institution, you can inquire related information before your visit to the institution.
What are the participants of Macao eduroam?