Updated - 1/12/2022

This document describes the content that should be included in an ‘eduroam service information’ web page on a publicly accessible web site for all participating organisations – as required in the eduroam(UK) Technical Specification.

Contents:

• Web Page Content Overview and Accessibility
• Minimum content for both Home and Visited service providers
• Additional minimum content applicable to Home (Identity) service providers
• Additional minimum content applicable to Visited participants
• Recommended content applicable for both Home and Visited participants
• Example eduroam Service Information Web Pages

Web Page Content Overview and Accessibility

There is a certain mandatory minimum information content defined in the Technical Specification as described below. This is followed by recommended content. Note that Visited organisations’ eduroam service information web pages are subject to more extensive requirements than those for Home sites.

The web page(s) should include sufficient ‘how to get started’, ‘how to use’, ‘where to get support’ and ‘policies and responsibilities’ information to enable the organisation’s own users and visitors to the organisation to gain maximum benefit from the service during their time at the organisation and whilst visiting other eduroam-enabled sites.

The web page(s) must be accessible from the Internet (and in cases where Internet access is limited, from the organisation’s internal network). It is recommended that Visited organisations should ensure that their eduroam service information website is accessible using small form-factor devices such as PDAs.

In recognition that participating organisations have differing approaches to the publication of material on their web sites and to keep the mandatory requirements as simple as possible, this guide separates out the key mandatory information from the more comprehensive information that we recommend is included on the info page, as follows:

• Common mandatory minimum content for both Home and Visited service providers (A)
• Additional mandatory minimum content for Home sites (B)
• Additional mandatory minimum content for Visited sites (C)
• Recommended additional content for both Home and Visited service providers (D)

eduroam Information Pages Content

A) Minimum content for both Home and Visited service providers:

• The type of eduroam service being provided at the site, Home and/or Visited and the operational status of the service. (It is essential that users are able to form accurate expectations of the service being provided by the organisation).
• The text of, or a link to, the participating organisation’s acceptable use policy (AUP), where applicable.
• A link to the eduroam(UK) Policy must be included
• The eduroam logo linking to the European eduroam website (www.eduroam.org)

B) Additional minimum content applicable to Home (Identity) service providers:

• A link to the eduroam(UK) web site Where you can use eduroam in the UK  page (https://community.jisc.ac.uk/library/janet-services-documentation/where-can-i-eduroam-uk). (To provide users with a way of finding out which other organisations offer eduroam and service information at those locations).
• A statement requiring users to remove the eduroam profile from their devices when their association with the organisation ends.

C) Recommended content for Home (Identity) service providers:

• It is recommended that your web site contains introductory text about eduroam, describing basically what eduroam provides for your staff and students.
• Most importantly, instructions should be provided on how users can configure their laptops and other devices to work with eduroam. In the early days of eduroam this may have included how to download 802.1X supplicants and client certificates (or get support with these tasks) and how to update certificate Trusted Root CAs/Intermediate lists for your ORPS server certificate. These days, unless you are using an alternative device provisioning system such as SecureW2 or Ruckus Cloudpath ES, we recommend that you instruct your users to use the geteduroam App on iOS, more recent versions of Android phones and Windows laptops (Windows 8 – 11). On Windows laptops with older versions we recommend use of the 'classic' eduroam CAT installer for Windows (obtainable via the CAT web page https://cat.eduroam.org/). Of course to use either of these tools, you need to use the eduroam CAT set up EAP profiles for your users to download.
• Having got their devices correctly set up, instructions should be provided for users on how to connect to eduroam, using whatever supplicant software you utilise on managed devices or support on users' own devices. Uses need to know how to use their credentials to connect to eduroam networks both for wireless client devices and wired networks where applicable.
• Home organisations need to emphasise the importance of keeping users' credentials secret, and stress that usernames comprise both the userID and the realm, just as in an e-mail address. This is particularly relevant for Home-only organisations which are migrating to eduroam from services where the username previously consisted of only the userID or DOMAIN\userID. 
• In addition Home organisations could add information about the applications that are offered to remotely authenticated users, e.g. web mail, VPN.
• Where to turn to for support - it is important that users should be advised who they should contact if they require support at a remote site  i.e. the Home site IT Support Helpdesk should be contacted in the first instance, unless the problem is clearly a Visited site WLAN failure.

D) Additional minimum content applicable to Visited participants:

• A Visited organisation must provide sufficient information to enable visitors to identify where the service is available and how to access the service; at a minimum this should include the locations (e.g. campus or specific buildings/zones in cases where only limited coverage is provided), any access constraints, any time constraints, the SSID, Wi-Fi RF bands (2.4Hz-only / 2.4GHz and 5GHz / 5GHz-only) and wireless cipher s (WPA2/AES or WPA3 transition mode).
• If the organisation has deployed an application or interception proxy on their eduroam network, the following information must be included: a statement that a proxy is in place and if the proxy is not transparent, documentation on the configuration of applications to use the proxy.

[Nb. We require that Visited organisations must not deploy application or ‘interception’ proxies on the visitor network. This is because applications commonly require special configuration to use a proxy, which reduces usability and may increase the support burden. The presence of a proxy may also break some applications. Likewise ‘interception’ proxies, often used by intrusion and virus detection systems, may result in the user experiencing unexpected network behaviour].

E) Recommended content for Visited participants:

• It is recommended that the web site contains introductory text about eduroam, describing basically what eduroam provides for your staff and students.
• Visited organisations may wish to publish details of any IP filtering policies they impose on their eduroam network. This will be helpful for visitors in understanding why certain applications may not work on your eduroam network. It may also assist Home organisations in supporting their users without needing to contact local support staff at the Visited organisation.

Example eduroam Service Information Web Pages

• Barnsley College - https://www.barnsley.ac.uk/about-us/connecting-to-eduroam/
• Eastleigh College - https://www.eastleigh.ac.uk/learner-hub/eduroam-wi-fi/
• Luton Sixth Form College - https://www.lutonsfc.ac.uk/pages/pages-support/connecting-to-the-college-wireless-network
• Morley College - https://servicedesk.morleycollege.ac.uk/hc/en-us/articles/360012872391-How-To-Connect-to-eduroam