Eduroam
What is eduroam?
This page is intended to explain what is eduroam and how it works. If you only need to configure your device to connect to it with your SISSA account, follow this link
eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community.
eduroam allows students, researchers and staff from participating institutions to obtain Internet connectivity across campus and when visiting other participating institutions by simply opening their laptop.
Having started in Europe, eduroam has gained momentum throughout the research and education community world wide. Currently there are four regional eduroam confederations (for a detailed view of the countries that belong to each confederation, select the regional confederation above):
- in Europe (http://www.eduroam.org/?p=europe)
- in the Asia-Pacific ( http://www.eduroam.edu.au/eduroam-in-asia-pacific.html)
European eduroam server coverage
The map below depicts the European countries that have connected their national top-level RADIUS servers to the European top-level RADIUS server (ETLR).
Data are being gathered by the eduroam Operational Team to produce a real-time Google Map
In Italy the Italian Eduroam Federation is managed by GARR Consortium (http://www.garr.it) and includes more than 70 organizations/universities. You can check the updated list of federated organizations here: http://www.servizi.garr.it/index.php/it/eduroam/elenco-istituti-aderenti1
SISSA and eduroam
Since SISSA is member of the Italian Eduroam Federation, guest users that belong to federated institution can connect to SISSA network using their own credential (username and password). Also SISSA users, when visiting other federated institutions, can connect to the hosting network using their own credentials.
SISSA Users
When visiting other federated institutions, SISSA's users can connect the hosting network using the wireless id eduroam and using their own SISSA credentials (username and password).
Be careful to always add the realm @sissa.it when entering your username.
For example: if your username is bianchi always insert bianchi@sissa.it
The configuration of your computer is the same you use for WiFi connection in the SISSA buildings, except you have to use eduroam.
Eduroam Guest Users at SISSA
Guests users that belong to a federated institution can connect to SISSA network associating to the eduroam wireless id, and using their own credentials. Again remember to always add your institution realm after your the username, in the form yourusername@domain.tld
For example: if your username is white and your institution top-level domain is cam.ac.uk (the university of Cambridge in this example) always login using white@cam.ac.uk
Please note: eduroam guest users can access also SISSA wired network.
As a golden rule, you need to configure your device only exactly once, as instructed to by your home institution. From then on, you can use all eduroam hotspots world-wide without reconfiguring anything.
Exactly how to configure your laptop or other handheld device for eduroam will depend on
- which device(s) you are using and
- your institution's local identity management configuration
If you know that your school / university / college does provide eduroam, please ask the IT staff for support with setting it up on your laptop or other devices.
Important: the configuration instructions are specific for your institution.
It is not helpful to follow configuration instructions of other institutions; the settings are different from institution to institution and you will very likely misconfigure your device if trying third-party configurations.
If you are not sure whether or not your institution provides eduroam, the National Roaming Operator for your country may be able to help with your enquiry.
List of TCP/UDP open ports
Once connected to eduroam from inside SISSA all outboud traffic is fitered exept the following tcp/udp ports and protocols:
- AH/ESP
- TCP 20 ftp-data
- TCP 21 ftp
- TCP 22 ssh
- TCP 23 telnet
- TCP 43 nickname/whois
- UDP 53 domain
- TCP 80 http
- TCP 110 pop3
- UDP 123 ntp
- TCP 143 imap
- TCP 389 ldap
- TCP 443 https
- TCP 465 smtps
- UDP 500 isakmp
- TCP/UDP 554 rtsp
- TCP 587 submission
- TCP 636 ldaps
- TCP 873 rsync
- TCP 993 imaps
- TCP 995 pop3s
- TCP 1194 openvpn
- TCP 1718-1719 H.323 RAS
- TCP 1720 H.323 Q.931 CallSetup
- TCP 1723 pptp
- TCP 1755 ms-streaming
- TCP 1863 msnp (Windows Messenger)
- TCP/UDP 1935 wirecast
- TCP 2401 cvspserver
- TCP 2628 dict
- TCP 3128 squid
- TCP 3389 ms-wbt-server (rdesktop)
- TCP 3690 svn (Subversion)
- TCP 4500 ipsec-nat-t
- TCP 5050 yahoo messenger
- TCP 5190 aol/ichat
- TCP 5220,5223 GoogleTalk
- TCP 5242,5243 Viber
- TCP 8008 hhtp-alt
- TCP 8080 webcache
- TCP 8084 IBM Lotus Sametime
- TCP 8880 cddpb
- TCP 9418 git
- TCP/UDP 10000 IPsec over tcp/udp
- TCP 11371 PGP
- UDP 33434-33464 traceroute
- TCP 46015 Koala/EVO