eduroam @APNIC

drawing

eduroam is a global service enabling staff and students of educational, research and related institutions to visit another eduroam participating institution and connect to the visited institution’s wireless network automatically.

More about eduroam is available from AARNet, the eduroam AU ‘roaming operator’.

eduroam is an international secure Wi-Fi network access service that enables eligible research and education users to have free Internet access when they travel to participating research and education institutions and organizations around the world. APNIC is able to join the eduroam initiative due to the education nature of the APNIC Academy. This service is available to APNIC Members who are also users of the APNIC Academy.

Where can I find eduroam?

eduroam is available in more than 100 economies including Australia, China, Hong Kong, Indonesia, Japan, Macau, Malaysia, New Zealand, Singapore, South Korea, Sri Lanka, Taiwan, Thailand, and so forth.

Accessing eduroam

To connect to eduroam you must:

  • Be an APNIC Member with a MyAPNIC account under APNIC Login, and
  • Be a user of the APNIC Academy using the same account

Notes on accessing eduroam:

  1. You need your APNIC Login credentials to connect.
  2. You must access the APNIC Academy using the same APNIC Login account to gain the status of a ‘student’ in order to fulfil the requirement of joining the eduroam community.
  3. You may need to do password reset on the APNIC Academy under “My Profile”. (You can use the same password as before if you prefer).
  4. Your APNIC Login username should be in an email address format username@domain.tld and you have to use username%domain.tld@apnic.net as the login name together with your APNIC Login password for eduroam Wi-Fi login. (Do note, the % and @apnic.net are used here, and only here.)
  5. When you try to connect to eduroam for the first time on each of your devices at trusted eduroam access, you have to accept the APNIC certificate before you can proceed. You only need to do it once for each device. (If you are asked for the password again at other places that have suspicious eduroam access, do NOT connect and do NOT supply your password as everything should be automatic after your first access.)

Other information

eduroam Policy

Trust in eduroam authentication is underpinned by use of a proven secure technical infrastructure and protocol, and a set of policies to which all eduroam
participants are required to comply.

Through participating in eduroam AU, APNIC agrees to conform to the Global eduroam Policy and the eduroam AU policy maintained by AARNet.

eduroam Wireless Settings

SSID: eduroam
SecurityWPA2-Enterprise
EncryptionAES
EAP MethodEAP-TLS
CA CertificateAuto-detect
Identity<your own username/email address>

eduroam Wirless Coverage

  • APNIC Office (Full coverage)
    • 6 Cordelia Street, South Brisbane QLD

Network Services Provided
APNIC provides full outbound access with NAT’ed IP addresses. In other words, you can access any services you normally do e.g. the Internet, your institution via VPN etc. However any servers running on your devices will not be accessible externally while connected to the APNIC network.

eduroam Support
When you connect to eduroam WIFI provided by APNIC, due to relative complexity of wireless and eduroam infrastructures, you may experience difficulty in getting a network connection due to several reasons e.g. an issue with your device configuration, wireless networking, institutional eduroam operability or eduroam infrastructure operability. If network access issues occur, in the first instance eduroam users should contact their home institution’s IT helpdesk to seek support.

If this is not possible, or if the home institution can’t resolve the issue, visiting users may contact the APNIC IT support (07 3858 3100).

Users’ responsibility
The eduroam AU policy states that users must conform to their home institution’s network Acceptable Use Policy (AUP).

Users are recommended to read and comply with the Acceptable Use Policy of visited institutions. Visiting eduroam users should refer to the APNIC Community Code of Conduct.

User privacy
When using eduroam, the eduroam protocol prevents your institutional password from being revealed to any eduroam server other than your home institution’s eduroam server. So your login password is protected and remains secret between you and your home institution.

However your username is visible to the APNIC RADIUS server and other eduroam infrastructure servers involved in getting your authentication request from your device to your home institution, and may be included in logs. Such logs are required to be protected by the institution running the RADIUS server.

The eduroam trust model (between institutions remotely authenticating their users, and other institutions providing network access, via eduroam) is supported by the ability to trace a particular network access event to an authentication of a ‘real user’ by their home institution.

Home institutions agree to take appropriate action on behalf of visited institutions in case a user doesn’t comply with the home institution’s network AUP.

In order to provide this traceability, remote authentication and network access transactions via eduroam are logged by APNIC, with logs being retained for a period of three months. Access to usage logs is restricted to authorised personnel and authorities as required by the law.