I believe you have to pay to use the EDUROAM federation of servers. If you do not do this, yours is just another SSID using the name EDUROAM and confusing real EDUROAM clients who happen on campus. Without federation access, there is no way of authenticating visiting EDUROAM clients.
Bruce Osborne Senior Network Engineer Network Operations - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Voelker, Andy [mailto:[email protected]] Sent: Thursday, April 6, 2017 5:17 PM Subject: Re: EDUROAM Service Fees Thoughts Since Kevin echoed his previous institutions more than his current <ahem> I’ll talk about Davidson’s implementation. I implemented eduroam a little over a year ago at Davidson College. I must say that I hate guest networks. Ours has a captive portal that some devices randomly hate, some users find ways to mess up, and no one gets any semblance of security or privacy. One could design and upkeep a system of acquiring an account or password for a secured network, but none of these are terribly pretty, users are always frustrated by them, and they take some upkeep. We’re a small shop. Eduroam provides people with a secure connection, zero configuration, and, largely, zero frustration. Wireless this day and age is expected to be ubiquitous, and it provides just that. We have eduroam users thrown on to the guest VRF, the same as the guest captive portal network, and we have the ability to traffic shape them separately. The total cost for us is peanuts. Of course, I still have to upkeep the guest network for clients that don’t have eduroam at their home campus and other visitors, but eduroam skims off a significant portion of those visitors and keeps those visitors happy and blissfully away from the helpdesk. Likewise, our community gets the same experience wherever they go. When we joined, we anticipated the cost and built that in to our budget. We’ll have to swing a little to cover the last year, this year, and other fees, but I think it is well worth it. The more campuses that get on board, the greater the value each campus gets out of it. Someone can correct me if I’m wrong, but I do believe you can allow eduroam guests to your campus for free. This is the service provider tier (SP). If you want your community to be able to use it abroad, that’s where the fees come in. That structure is designed to grow the network. Maybe you can start with that and see how many of your community members beg for IDP access? That pricing structure could have changed, along with the other things recently. Andy Voelker Network Administrator and IT Infrastructure Team Lead Davidson College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Davis, Kevin Sent: Wednesday, April 5, 2017 5:36 PM To: [email protected]<mailto:[email protected]> Subject: Re: [WIRELESS-LAN] EDUROAM Service Fees Thoughts This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing<http://aka.ms/LearnAboutSpoofing> Feedback<http://aka.ms/SafetyTipsFeedback> T.J., I am a tremendous advocate and proponent for Eduroam as a common good service that our campuses should adopt wherever possible. At the most tactical/self-interested side, in most of our cases, we have significant numbers of study abroad students as well as faculty who are doing sabbaticals, research, conferences, meetings and other activities around the world. One of my previous universities counted the number of international travelers annually and it approached being a five digit number! Many of those trips are to universities; and, the vast majority of those schools — particularly in Europe but also in Canada, Asia, Latin America and other places — are using Eduroam. The seamlessness of the experience it provides is terrific. Your users immediate get an authenticated, secure connection at thousands of institutions in exchange for allowing within-higher ed roaming on your network. And it can simplify your own support/help requests for your own network. (I once heard a horror story of an international education program at an Asian university where the 60 students/multiple faculty were getting new weekly guest credentials for a two month program — when if they had known about Eduroam, which was in use on the campus, all that hassle on both sides would have been avoided.) I know of a significant number of schools that are deprecating their own named wireless networks and using Eduroam for both their own users and their EDU visitors. This has the advantage of making sure that your own users are (properly) onboarded to Eduroam while at home, so they can roam without difficulty. Make sure to require the realm for your local users. Davidson expects to migrate to Eduroam as our sole campus 802.1x/secure network this year. To your question: yes, it is pretty straightforward and common to segment your campus users from visitors and to give different experiences; iirc, the Eduroam expectation is for only a limited number of ports/services at minimum. At a broader level — to me Eduroam is an example of the benefits that happen when higher ed collaborates. I have been in this industry to remember, vaguely, the bad-old-days when NSFNet was going away in the mid-1990s and all of our institutions were about to get the bandwidth and cost screws put to us by private sector telcos. The birth of Internet2 (and state RENs, and other actors) was in response to that and was from a spirit that higher ed working together across boundaries can deliver services in the common good. Eduroam — which actually originated via GEANT in Europe as an initiative before coming to the US — is to my mind an incredibly successful cross-institutional win for universities and research, but it only works if we all participate. </soapbox> Kevin -- Kevin Davis Deputy CIO & Director, Core Services Davidson College ITS (704) 894-2405 (office) | (919) 599-8194 (mobile) From: The EDUCAUSE Wireless Issues Constituent Group Listserv <[email protected]<mailto:[email protected]>> on behalf of "McClintic, Thomas" <[email protected]<mailto:[email protected]>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <[email protected]<mailto:[email protected]>> Date: Wednesday, April 5, 2017 at 5:21 PM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: [WIRELESS-LAN] EDUROAM Service Fees Thoughts Good Afternoon, We have not yet implemented EDUROAM, but began looking into it as it was part of our Internet2 subscription. It now appears that they have changed the service to have an annual fee, plus price per enrolled student. Our feelings are that implementing now with an added fee does not seem likely. We have done without the service this long and our faculty/students are not using it, so no disconnect of services for them. I wanted to know others feeling on the subject. Do you plan to continue with the service given the prorate charged back of 2016? Are you segmenting campus visitors from other institutions away from your users, and could this not be accomplished with a guest network? Do you feel the cost of the service is reasonable given the use your institution has? Thank you for any responses! TJ McClintic ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
