The generic settings specified below will allow you to configure a suitable wireless device to connect to the eduroam secure wireless network.
Not all the configuration settings will be avilable on all devices. If you cannot configure any of these settings it is unlikely your wireless device is capable of connecting to the eduroam wireless network.
The network name for the secure wireless network is eduroam. This must be all lowercase.
The wireless Network Authentication type is WPA2 Enterprise.
The Data Encryption method to use is AES.
If your wireless device does not support WPA2/AES, select WPA authentication and TKIP encryption.
The "EAP Authentication Type" or "Outer Authentication Protocol" is PEAP or PEAPv0.
The "Authentication Method", "Authentication Protocol" or "Inner Authentication Protocol" is MS-CHAPv2.
Your username is your UUN plus "@ed.ac.uk", e.g. "firstname.lastname@example.org".
Your password is the password you use to access Office 365.
If asked for an "Outer Identity", "Anonymous Identity" or "Roaming Identity", leave it blank.
If asked for a realm, leave it blank.
You should choose to Validate the Server Certificate.
The certificate should be from the Radius Server radius01.is.ed.ac.uk..
The Root Certificate Authority or "Root CA" is UTN-USERFirst-Hardware. The UTN-USERFirst-Hardware certificate is signed by AddTrust External CA Root.
Although you may be able to connect to the eduroam wireless network without validating the server certificate, your connection will not be secure. You must ensure server certificate validation is enabled.
The following settings will not be available on every device, but if present should be configured as follows:
To install one of the following wireless root certificates, please right-click (Windows) or ctrl+click (Mac) on the one you need, choose 'Save Link As' (Windows) or 'Download linked file as' (Mac) to save it locally to your computer (e.g. to the Desktop) and then double-click it to install.
You should only need to import the AddTrust External CA Root certificate into your device. If that doesn't work try importing all three certificates. Each certificate is available in two formats: Base64 or DER.
Most devices will work with either format, however for Nokia/Symbian series phones you should use the DER format certificate.