eurecom eduroam installation and user guide 2016
TRANSCRIPT
EURECOM eduroam – installation and user guide - P 1
EURECOM eduroam
Installation and user guide 2016
Thomas Mercurio - Valérie Chaubard
Summary Introduction to Eduroam ............................................................................................................................................... 2
eduroam visitors coming at EURECOM .......................................................................................................................... 2
Connect to eduroam ...................................................................................................................................................... 3
Windows 7 ..................................................................................................................................................................... 4
Windows 8 ................................................................................................................................................................... 11
Windows 10 ................................................................................................................................................................. 14
Linux fedora core ......................................................................................................................................................... 17
Linux Ubuntu ................................................................................................................................................................ 20
Mac OS X ...................................................................................................................................................................... 21
Apple iPhone ................................................................................................................................................................ 22
Android......................................................................................................................................................................... 22
EURECOM eduroam – installation and user guide - P 2
Introduction to Eduroam Thanks to eduroam, students, staff and researchers can access internet using a secured wireless connection when
visiting other participating institutions by using their usual credential.
EURECOM staff moving to another site that is an eduroam member can connect to the internet by using the
eduroam wireless network (using network name/SSID "eduroam") and their usual EURECOM account. You also
don’t need to ask anything to the visited IT service in order to access the internet.
Visitors from other institutions can connect to the internet at EURECOM by using their home institution credential.
eduroam may be operational in parallel with other Wireless infrastructure.
eduroam service in Europe is a confederated service that involves hundreds of institutions. And you can also have
eduroam access in the Asia-Pacific region, Canada and USA. You can find the list of all French members at this web
site: http://www.eduroam.fr. This site gives you access to foreign federations.
eduroam visitors coming at EURECOM
eduroam visitors can use EURECOM network. To do so, they have to connect to eduroam SSID and use their home
site wireless setup. If they are facing issues connecting to eduroam at EURECOM; any helpdesk is provided by
their home institution.
Any visitor has to respect the following charters:
RENATER charter http://www.renater.fr/IMG/pdf/charte_fr.pdf
EURECOM IT charter https://my.eurecom.fr/jcms/p0_2000993/en/informatique-charter
Home institution charter
EURECOM eduroam – installation and user guide - P 3
Connect to eduroam
eduroam allows to connect to wireless internet with a roaming authentication infrastructure. You need to check
that the institution you want to visit is an eduroam member.
You need to setup your wireless connection before you leave EURECOM. You need to setup a high security level in
order to connect to eduroam. WPA2-AES encryption is required. Users authentication is performed via SSL tunnel,
with server authentication from the client. Supported methods, depending on the client OS, are EAP/TTLS
(Tunneled Transport Layer Security) and EAP/PEAP.
The EAP/TTLS standard has been selected to authenticate clients on the network. This standard is embedded inside
Mac and Linux OS but a supplicant is mandatory for Windows OS.
Here are documentations available for different OS:
Windows XP
Windows 7
Linux
Mac OS X If you are facing any connection issue while you are moving to another site, contact EURECOM IT support. Please
don’t ask any support to the visited site: contact EURECOM support : [email protected].
You have to respect the following charters:
RENATER charter http://www.renater.fr/IMG/pdf/charte_fr.pdf
EURECOM IT charter https://my.eurecom.fr/jcms/p0_2000993/en/informatique-charter
Home IT charter
EURECOM eduroam – installation and user guide - P 4
Windows 7
EAP-TTLS standard is mandatory in order to connect to eduroam. It is not embedded inside Windows 7. You need
to install third-party supplicant software. You also need to be administrator of your computer to install it.
You need to perform this setup only one time before you can connect to eduroam from your computer. You’ll need to do it again each time you want to connect from another computer not yet prepared.
Step Action Notes
1 Certificate installation Use the zip file found at the EURECOM intranet
2 Secure W2 software installation in order to use TTLS authentication
Use the zip file found at the EURECOM intranet
3 Wireless connection setup EURECOM credentials required :
username
Mail/Unix Password
Starter
Unzip the file https://my.eurecom.fr/jcms/p0_2003848/en/eduroam-package
1. Certificate installation
The certificate is one of the files you have just extracted: TerenaDER
Double click TerenaDER
click on Next
click on Install Certificate
EURECOM eduroam – installation and user guide - P 5
Click on Finish
Click on OK
(1) Select: Automatically select the certificate store based on the
type of certificate
(2) Click on Next
EURECOM eduroam – installation and user guide - P 6
2. Secure W2 software installation in order to use TTLS authentication
Go back to extracted files.
As administrator of your computer, install the free software SecureW2. Double click on the file
SecureW2_EAP_Suite_111.exe. Choose the language:
Double click and execute SecureW2_EAP_Suite_111
Select a language and click OK
Click Next
Click I Agree
(1) Select TTLS 4.1.0
(2) Click Install
(1) Select Reboot now
(2) Click Finish
EURECOM eduroam – installation and user guide - P 7
3. Wireless connection setup
Open Network and
Sharing Center
Click on Manage wireless networks
(1) Click on Add
(2) Click on Manually create a network
profile
(1) Network name: eduroam
(2) Security type: WPA2 enterprise
(3)Encryption type: AES
(4) Click on Next
EURECOM eduroam – installation and user guide - P 8
Click on Change connection settings
(1) Security tab
(2) Authentication method : SecureW2
(3) Tick remember my credentials
(4) Click on Settings
EURECOM eduroam – installation and user guide - P 9
Select EURECOM-eduroam Profile
Click Configure
Tick Use outer identity
Specify [email protected]
Certificates tab
Don’t verify server certificate
Authentication tab
Select PAP
EURECOM eduroam – installation and user guide - P 10
User account tab
Use your Eurecom credentials:
username@eurecom
Password Unix (or mail)
Click OK
If authentication is successful, connection is automatic. If
there is an authentication failure, a window prompts for
your credentials.
EURECOM eduroam – installation and user guide - P 11
Windows 8
EAP-TTLS is now embedded inside Windows 8. Eduroam access is easier than previously.
You need to perform this setup only one time before you can connect to eduroam from your computer. You’ll need to do it again each time you want to connect from another computer not yet prepared.
Step Action Notes
1 Wireless connection setup EURECOM credentials required :
username
Mail/Unix Password
From the new Metro Start screen press
Desktop.
Right-click on the wireless icon in the
bottom right of the desktop and select
"Open Network and Sharing Centre".
Select "Setup a new connection or
network".
Select "Manually connect to a wireless
network" and click 'Next'.
EURECOM eduroam – installation and user guide - P 12
Enter the following details:
Network name: eduroam
Security type: WPA2-Enterprise
Encryption type: AES
Click 'Next'.
Click 'Change connection settings'.
Select the 'Security tab'.
Choose Microsoft EAP-TTLS
Click 'Settings'.
Identity privacy : [email protected]
Tick certificate Add trust external CA root
Non EAP method: PAP
EURECOM eduroam – installation and user guide - P 13
Click OK
Click Advanced settings
Specify User authentication
Click ok
You’re now able to join eduroam using
your Eurecom credentials:
linux password
EURECOM eduroam – installation and user guide - P 14
Windows 10
You need to perform this setup only one time before you can connect to eduroam from your computer. You’ll need to do it again each time you want to connect from another computer not yet prepared.
Step Action Notes
1 Wireless connection setup EURECOM credentials required :
username
Mail/Unix Password
Right-click on the wireless icon in the
bottom right of the desktop and select
"Open Network and Sharing Centre".
Select "Setup a new connection or
network".
Select "Manually connect to a wireless
network" and click 'Next'.
EURECOM eduroam – installation and user guide - P 15
Click 'Next'.
Click 'Change connection settings'.
Select the 'Security tab'.
Choose Microsoft EAP-TTLS
Click 'Settings'.
Enter the following details:
Network name: eduroam
Security type: WPA2-Enterprise
Encryption type: AES
EURECOM eduroam – installation and user guide - P 16
RESTART the computer
You’re now able to connect using your Eurecom credentials:
linux password
Click Advanced settings
Specify User authentication
Click ok
Identity privacy : [email protected]
Tick certificate Add trust external CA root
Non EAP method: PAP
Click OK
EURECOM eduroam – installation and user guide - P 17
Linux fedora core
You need to setup your wireless connection in order to be able to access eduroam. You need to perform this setup only one time before you can connect to eduroam from one computer. You’ll need to do it again each time you want to connect from another computer not yet prepared.
Step Action Notes
1 Save the Certificate file Use the zip file found at the EURECOM intranet
2 Wireless connection setup EURECOM credentials required :
username
Mail/Unix Password
Starter
Unzip the file https://my.eurecom.fr/jcms/p0_2003848/en/eduroam-package
1. Save the Certificate file
The certificate is one of the files you have just extracted: cert-1876-eduroam.eurecom.fr.cer.
Save this file to a location that you need to remember for next step.
2. Wireless connection setup
Right click on the Wireless connection icon
Select modify connection (1) Wireless tab
(2) Click Add
EURECOM eduroam – installation and user guide - P 18
(1) Connection name : eduroam
(2) SSID : eduroam
(3) Mode : Infrastructure
Wireless security tab
Security: WPA2 enterprise
Authentication: Tunneled TLS
Anonymous identity:
CA certificate: empty
Inner authentication: PAP
username: [email protected]
password: Mail or Linux password
EURECOM eduroam – installation and user guide - P 19
eduroam setup is now finished.
Click on the wireless connection and select eduroam.
On some Fedora, In the Wireless Security tab at CA certificate field, you need to enter this certificate: cert-1876-
eduroam.eurecom.fr.cer
On some Fedora, In the Wireless Security tab at CA certificate field, you need to enter the path:
/etc/pki/tls/certs/ca-bundle.crt
Or you can use the latest certificate here: https://my.eurecom.fr/jcms/p0_2003848/en/eduroam-package
Inside the eduroam package you will find the latest certificate that you need to use: chain-19970-
eduroam.eurecom.fr-1-AddTrust_External_CA_Root.pem
IPv4 Settings tab
Method: Automatic DHCP
EURECOM eduroam – installation and user guide - P 20
Linux Ubuntu
The setup looks like Fedora.
Step 1 is not mandatory : directly configure Wireless connection setup as described in step 2 for Fedora
If you own a latest Ubuntu version, unzip https://my.eurecom.fr/jcms/p0_2003848/en/eduroam-package
On some Ubuntu you may need to use a certificate, in the Wireless Security tab at CA certificate field, you need to
enter the path: /etc/ssl/certs/ca-certificates.crt
Or, inside the eduroam package you will find the latest certificate that you need to use: chain-19970-
eduroam.eurecom.fr-1-AddTrust_External_CA_Root.pem
Wireless security tab
Security: WPA2 enterprise
Authentication: Tunneled TLS
Anonymous identity:
CA certificate: empty
Inner authentication: PAP
username: [email protected]
password: Mail or Linux password
EURECOM eduroam – installation and user guide - P 21
Mac OS X Download and unzip : https://my.eurecom.fr/jcms/p0_2003849/en/eduroam-profile-for-apple-devices
Open the unzipped file .
Votre login windows/linux
Votre mot de passe linux
Choisissez le réseau
eduroam dans vos
paramètres Wi-Fi
EURECOM eduroam – installation and user guide - P 22
Apple iPhone
You need to setup your wireless connection in order to be able to access eduroam. You need to perform this setup only one time before you can connect to eduroam from your computer. You’ll need to do it again each time you want to connect from another computer not yet prepared.
Step Action Notes
1 Authentication user profile EURECOM credentials required :
Username
Mail/Unix Password
Get the eduroam profile for Apple on the Intranet and unzip it.
Send this profile as an attachment by e-mail and click on it.
While the system asks for your credentials, use your Eurecom credentials:
username: Eurecom_ [email protected]
Password: your Eurecom Mail/Unix Password
Android
You need to perform a Wireless setup before you can access Eduroam SSID.
1. Display your settings
2. Tap wireless
3. Tap eduroam and enter the following :
Security: 802.x EAP
EAP Method: TTLS
Phase 2 Authentication: PAP
CA certificate: (unspecified)
User certificate: (unspecified)
Identify: [email protected]
Anonymous Identity: [email protected]
Password: your UNIX password
4. Connect