Parameters

The following parameters must be exchanged with Skolfederation for eduroam connected organizations:

Administrative parameters

• Organization name
• Domain name
• Technical contact person (name and email address)
• Administrative contact person (name and email address)
• Email address for abuse related matters

Technical parameters

• Protocol (RADIUS/RADSEC)
• Name and IP addresses of connected servers
• Mutually shared secret (RADIUS) or certificate (RADSEC)

The shared secred is provided by Skolfederation to the technical contact in agreement. If certificate is used the exchange is performed correspondingly.

RADIUS/RADSEC servers

Servers:

• r3.eduroam.skolfederation.se
• r4.eduroam.skolfederation.se

For RADIUS, use port 1812 (UDP)
For RADSEC, use port 2083 (TCP)

Ny nyckel för RADSEC-server att använda från och med hösten 2021

Acceptance test and connecting

Before the test connection may be put in production an acceptance test must be performed. How the acceptance test is performed depends on if the organization is connecting as eduroam SP and/or IdP.

Connecting eduroam SP

To connect an eduroam SP the connecting organization configures their RADIUS servers with Skolfederation parameters.

The connecting organization is responsible for filtering any harmful attributes in RADIUS responses, such as VLAN- and role allocation.

After configuration a temporary test account is obtained. When Skolfederation and the connecting organization have confirmed successful authentication, and that the network function fulfills the eduroam Policy Service Definition, the systems may be put into production.

Connecting eduroam IdP

To connect an eduroam IdP the connecting organization configures their RADIUS servers to respond to calls from Skolfederation. Connected IdP must fulfill the requirements set in SWAMID eduroam Technology Profile v1.0.

After configuration connecting organization should perform a test of the function. This is performed easiest by testing the connection at another connected eduroam SP.