What is eduroam?
eduroam (education roaming) is a service provided via JANET which enables students, reseachers and staff to securely access the internet whilst visiting other participating institutions, using the username and login provided by their home organisation.
Does Durham University support eduroam?
The eduroam service is available across the Durham University campus to visiting academics. The service is provided by JANET and only available to WiFi enabled devices. Wired eduroam access, the ability to logon to a wired university point or a university managed PC, is not currently available.
If you require wired guest access or are a guest outside of the academic community and need a guest account, please refer to the University Library pages.
For visitors, the set-up and preparation for using the service should be done before you arrive here. You should contact your home organisation IT support to enable access if you have not already done so, and you can check whether your organisation is participating at the JANET website.
If you are from Durham and have a query about eduroam while visiting another institution, you should contact the IT Service Desk in Durham on 0191 334 1515 or firstname.lastname@example.org.
Please note that the eduroam WiFi profile must be removed from your PC when you are no longer a member of Durham University.
How do I connect to eduroam?
To connect to eduroam while in Durham, you will need your local username and password plus a 'realm', so that your request to authenticate is passed to the correct home organisation e.g. email@example.com or firstname.lastname@example.org (either will work).
Durham supports the JANET Roaming Service (JRS) tier 2 and you should connect to the wireless network using the SSID eduroam and an 802.1X supplicant.
Staff and students are able to try the eduroam service, which will allow them to test their configuration before leaving for another eduroam enabled institution. However, while on your own campus it is advised to use the Durham University Wireless or Durham Web Authentication networks as standard. Details for connecting to these networks can be found here. Students based here at Durham should use the 'DU Student' SSID rather than eduroam - if you are a Durham student and you do access eduroam your device will go through a scan (similar to that for Quarantine) the first time you use it. Please be aware, our recommendation is that Durham staff and students do not use eduroam as their usual wireless network but instead use DU Student or DU Wireless as appropriate.
When visiting another participating institution users can connect to the local eduroam wireless network to get an internet connection. You should configure your laptop/mobile device as shown in the guides listed, according to your operating system:
Please note: When visiting another eduroam institution, you may need to change your Wi-Fi encryption settings to JRS Tier 3 as below:
Security Type: WPA
Encryption Type: TKIP
eduroam is available in all Durham campus WiFi enabled locations, see a list here.
To see a map view of all eduroam enabled institutions, click here.
Allowed Network Services
When connected to eduroam access to network ports is restricted as defined by JANET user guidelines.
The following ports are open for eduroam users:
- IMSP: TCP/406 outbound and established
- IMAP4: TCP/143 outbound and established
- IMAP3: TCP/220 outbound and established
- IMAPS: TCP/993 outbound and established
- POP: TCP/110 outbound and established
- POP3S: TCP/995 outbound and established
- SMTPS: TCP/465 outbound and established
- Message submission: TCP/587 outbound and established
- HTTP: TCP/80 outbound and established
- HTTPS: TCP/443 outbound and established
- Standard IPSec VPN: IP protocols 50 (ESP) and 51 (AH) both outbound and inbound; TCP/500 (IKE) outbound only
- IPSec NAT traversal: UDP/4500 outbound and established
- Cisco IPSec NAT traversal: TCP/10000 outbound and established
- PPTP: IP protocol 47 (GRE) outbound and established; TCP/1723 outbound and established
- OpenVPN: TCP/5000 outbound and established
- RDP: TCP/3389 outbound and established
- VNC: TCP/5900 outbound and established
- Citrix: TCP/1494 outbound and established
- LDAP: TCP/389 outbound and established
- LDAPS: TCP/636 outbound and established
- SSH: TCP/22 outbound and established
- Passive (S)FTP: TCP/21 outbound and established