Jisc Lumen House eduroam Service Information
Jisc provides Home and Visited eduroam service types at Lumen House.
Information for Visitors
Wi-Fi network name: eduroam
Security type: WPA2
Encryption: AES
Coverage: eduroam is available throughout the building. eduroam is also available at other locations on the Oxford Harwell campus provided through STFC.
Acceptable Use Policies: the visitor's own home organisation Acceptable Use Policy should be considered to apply when visiting Lumen House and using the eduroam network.
The eduroam(UK) Policy also applies
Support: If you are unable to associate to the eduroam network, Corporate Information Services at Lumen House may be able to assist. If you can associate to eduroam but experience difficulties authenticating, in the first instance you should contact your home organisation IT Support service. Similarly, for help in configuration of your device, only your home organisation possesses the requisite information to help with this.
eduroam Confederation web site: 
Information for Jisc Staff - eduroam
- eduroam makes available to the user a huge footprint of campus-wide and public area Wi-Fi networks (which normally require authentication prior to access to the network logon).
- Only a single Wi-Fi profile and set of user credentials is needed to provide Internet access for the user, regardless of location. No additional configuration is needed for roaming.
- eduroam is available for members of organisations which are eligible to benefit from Janet services (researchers, teachers, students, staff members, other uses supporting learning, teaching and research)
- eduroam makes connecting to a network service easy: automatic connection when in hot zone (depending on Wi-Fi profile), just the same as when connecting at the home organisation, does not require guest network accounts to be set up, free of charge to the user
- Not just the UK - service is available at a huge number of locations across the UK, Europe, SE Asia (including Japan, HK, China, Taiwan and Australia and parts of North America), coming to Africa and South America
- the eduroam standards based network service is assured to support a wide set of applications (web, e-mail, vpn, ftp, citrix)
- eduroam can be enabled for hard-wired desktop machines as well as Wi-Fi capable devices: laptops, tablets, smart phones
- User logon is secured using EAP-based authentication (WPA2 Enterprise) which means that credentials are securely encrypted. AES data encryption on Wi-Fi connection.
How to use eduroam - Jisc Staff
More information about eduroam for users: About eduroam
Acceptable use Policies: IT Security Policy
The eduroam(UK) Policy also applies
Where can I use eduroam?: connecting via eduroam when travelling
Lumen House Wi-Fi network name: eduroam
Security type: WPA2
Encryption: AES
Coverage: eduroam is available throughout the building. eduroam is also available at other locations on the Oxford Harwell campus provided through STFC.
How to configuration your laptop: 1) use the eduroam CAT tool 2) follow the instructions below
1) eduroam CAT Click on the <eduroam user: download your eduroam installer> button towards the bottom of the page
2) Windows (7) Manual Configuration Guide for eduroam (Jisc staff only)
Visitors must consult the configuration information provided by their Home sites.
To set up eduroam as a new wireless network on a laptop:
1. Left hand click on the wireless network icon in the system tray. If there is no wireless icon in the system tray, go to the Control Panel and select <Network and Sharing Center>
2. If the eduroam SSID is detected right hand click on eduroam and click on <Properties> and skip to step 6. If eduroam is not detected select <Open Network and Sharing Center> at the bottom of the dialogue box or go to the Control Panel and select <Network and Sharing Center>
3. Select <Set up a new connection or network>
4. Select <Manually connect to a wireless network> and click <Next>
5. Enter network name: eduroam
6. From the drop down list select security type: WPA2-Enterprise
7. Encryption type: AES Make sure 'Start this connection automatically' is ticked. (And click on <Next> if using network and sharing Center. Ignore greyed out Security Key box).
8. Click on the 'Security' tab if necessary and ensure 'Choose a network authentication method' is: Protected EAP (PEAP)
9. Check that the 'Remember my credentials for this connection each time I'm logged on' box is ticked (recommended setting)
10. Click on the 'Settings' button and tick 'Validate server certificate'
11. Scroll down the list of root CAs in the 'Trusted Root Certification Authorities' box and tick AddTrust External CA Root (although theoretically UTN-USERFirst-Hardware should also work) [QuoVadis Root Certification Authority will be needed at some point in the future].
12. To ensure certificate of RADIUS server actually belongs to the Jisc ORPSs, if there is an option to 'Specify RADIUS server/Certificate Name'. Tick 'Connect to these servers' and enter jrs001.jisc.ac.uk; jrs003.jisc.ac.uk
13. On the <Configure...> tab, untick <Automatically use my Windows logon name and password>
14. OK and close.
You should now be prompted for your eduroam credentials when you try to connect to eduroam (networkusername@jisc.ac.uk).
15. You might get an error message which looks like the screen print below. If you do, do not click <Connect>
Instead, click on the 'Details' arrow and get in contact with CIS, advising them of the contents. You MUST validate the RADIUS server certificate or else you will leave yourself vulnerable to authentication server spoofing attacks and consequent theft of your credentials.
