TU BRAUNSCHWEIG

 

Eduroam
© Eduroam

World-Wide Wireless LAN

Since January 22nd 2007 TU Braunschweig takes part in the roaming project DFNRoaming of the german national research network DFN. This project in turn is part of the world-wide eduroam project. The name eduroam stands for Education Roaming. As members of the eduroam project we allow guests of other educational or research facilities that take part in eduroam to easily and securely access our wireless lan network. In return other eduroam facilities allow members of TU Braunschweig to access their wireless lan network. The clue is that every participant only uses his or her userid and password from his or her home institution to access any eduroam network.

What this comes down to is that, if your home institution is part of eduroam and you have configured access to a wireless lan with SSID "eduroam" on your laptop, you will be able to use this same configuration at any other participating institution to access its wireless lan. You will be able to use this wireless lan depending on the host network policy and may even be allowed to use additional network resources.

In practice this means that if you were working wireless somewhere on campus at TU Braunschweig and shut your laptop to travel to some partner institution, all you have to do there is to open your laptop again and continue to work.

Eduroam is based on a hierarchical RADIUS infrastructure that uses the 802.1X protocol to securely relay authentication information between partnering institutions.

Configuration parameters:

  • Encryption via WPA2 with AES (WPA2-Enterprise)

  • Authentication:
    802.1X

  • Authentication method:
    EAP/TTLS using PAP (or MSCHAPv2).

  • External tunnel configured with "anonymous@tu-bs.de" (the domain is important).

  • Authentication on the inner tunnel uses regular TU Braunschweig userid (with added "@tu-bs.de") and password.

  • Certificate information: until 18. March 2018: CN=rznradi1.rz.tu-bs.de or CN=rznradi2.rz.tu-bs.de. Certs are signed by TU Braunschweig CA. Starting from 19. March 2018: CN=netauth.rz.tu-bs.de
    For further information, click here(german).

  • Warning: Always configure the certificate information and never disable the certificate examination on your device! If you get a certificate error when logging in, please log in by no means in such a WLAN. Never ignore such messages!
    Further, never use only a user ID and password in order to connect to eduroam but configure your device properly and wisely. The easiest way to do so: Use our instructions under configuring eduroam.

  • Please use secure passwords by following our password policy.

You'll find detailed configuration instructions below. The instructions are german but there are many screenshots that should be self explanatory. You can get additional help by visiting the IT-Service-Desk. Please note that only EAP/TTLS with PAP is officially supported as authentication method. Some devices only offer only EAP/TTLS with MSCHAPv2 for which we offer limited support. However MSCHAPv2 is not an officially supported authentication method.

Further information:


  last changed 30.01.2018
TU_Icon_E_Mail_1_17x17_RGB pagetop