Eduroam (Education Roaming) is an institutional association, which secures wireless internet connection for the members of association institutes. Our research institute has been a member of this association since 2018.
The identification of WiFi access points (SSID) is called eduroam everywhere, or it begins with this expression.
In case of „eduroam” WiFi, the host institute guarantees the network access. In each case, the servers of the user’s own institute give the permission to the legal use. Any member of the association can identify himself/herself at any connecting point with his/her eduroam username together with his/her connected password. The username password combination is proper only in that case if its owner is familiar with the conditions of use in his/her institute, he/she has accepted them and the service is given by the system administrators.
Every employee of the member-institutes has the possibility to use eduroam, but not automatically, as he/she has to request it from their own institute. If somebody cannot identify himself/herself at such an access point, the problem can be solved only in his/her own institute, so the WiFi point operators cannot help in this case.
The user must set the client computers for himself/herself. The operators of the access points are not obliged to give any technical help, that is why it is suggested for everybody to prepare their pc/notebook/mobile in advance in order to be able to use eduroam.
WiFi access points in ELI-ALPS
Our institute has available “eduroam” WiFi network in the following buildings: “B”, “C”, “D”.
The user policy of our internet acccess provider (KIFÜ) applies to users of this WiFi service as well, which is available via this link:
Almost all notebooks, cell-phones, tablets, GPSs etc. have WiFi connection availabilities. Almost all of them are capable of using eduroam, but due to the big variety, practically it is impossible to give detailed guide to all of them. There are guides for the most common systems, (www.cat.eduroam.org), but in some cases, users need to ask their system administrator’s help to configure.
Before an user would like to connect it from any association (external) members, he/she needs to check his/her ID name/password, and if the connection was successful in his/her own institute.
· Wireless network can use standards IEEE 802.11a, 802.11b, 802.11g és 802.11n
· WPA or WPA2 encrypting method, TKIP/AES coding, EAP/TTLS (or EAP/PEAP) authentication process;
· In case Windows client, integrated, or installed (for EAP/TTLS authentication protocol process) wireless client;
· In case of Linux client, wpa_supplicant program, NetworkManager
During connection the DHCP server sends you all the network information necessary to the IPv4 connection. All client computers are behind a firewall, where only well-determined ports are open, so it can be possible that some data traffic is not available. The operational institute declines all responsibility arise during usage or outage.
The following ports are open for eduroam users:
- TCP 22: SSH
- TCP 80, 443: HTTP, HTTPS
- UDP 500, 4500, TCP 10000: IPsec
- TCP/UDP 1194: OpenVPN
- IP 47, TCP 1723: PPTP
- TCP 465, 587: SMTPS, message submission
- TCP 110, 995: POP3, POP3S
- TCP 143, 220, 993: IMAP, IMAPS
- TCP 21: FTP
- TCP 1494: Citrix ICA
- TCP 3389: RDP
- TCP 5900: VNC
- UDP 53, TCP 53: DNS
- TCP 389, 636: LDAP, LDAPS
- TCP 3653: IPv6 tunnel bro
Personal Data Management
Certain personal data are accessible to the operators by neccesity during the operation, but they can be used only for troubleshooting or managing security incidents. The managing personal data are the following:
- eduroam username
- logged attempts
The above mentioned data are managed by the relevant Data Protection Regulation and Information Security Policy of ELI-HU Non-Profit Ltd.
Handing over any information to a third party is strictly prohibited. Data are preserved as log files for 2 months.
ELI-HU Non-Profit Ltd.,
General IT Departmenthelpdesk