Eduroam is an international service that provides internet access to participating member institutions, particularly higher education institutions. All infrastructure is administered by the local educational institutions, but if you have valid login credentials at one location, you should be able to log in at any other institution that also participates in eduroam. UC Davis currently provides network access through eduroam over the "eduroam" network that is visible around campus where there is current WiFi coverage.

The Eduroam network uses WPA-enterprise as its encryption scheme. The world-wide eduroam network uses a hierarchy of radius servers to allow access to any member of a participating institution at any location where an eduroam network is available. Requests are continually forwarded until they are verified by the users home institution. For most of us at Davis, these requests will go directly to Davis's RADIUS servers since they are directly attached to the network, but the process is somewhat different at other institutions or for people visiting the campus who have access through another institution. Another benefit of using WPA-enterprise over just an unsecure network that doesn't take advantage of WPA3 is that all your traffic is encrypted. There is still an open Davis guest network, but this is an unsecured network and thus all network traffic that isn't encrypted at a different OSI network layer will be sent unencrypted and is visible to anyone looking around. Most modern protocols should prevent this from happening as many of them will encrypt the connection with TLS on top of the underlying network connection, but some stuff might still get sent in plain text.

Logging In

A lot of the official UCD documentation is available here.

iOS

  • Select the eduroam network from the list of available WiFi networks.
  • Type in your UC Davis email as your username and your Kerberos password as the password.
  • Press join in the upper right hand corner.
  • When prompted to add a certificate to your device, press trust.
  • You should be good to go.

Windows

Official documentation for manually configuring a connection on Windows is available here. There is an automatic tool that can be used, documented here, but that's just extra bloat on your computer just to connect to a WiFi network.

Mac 

You can manually configure your connection using the method described in the official documentation here, or you can use the more automatic method using a configuration tool described here. Same thing as Windows applies here, kind of annoying just having extra bloat to connect to the campus WiFi when you don't have to.

Linux

I'm currently writing this using Ubuntu 22.04 which uses NetworkManager managed through Gnome. Most other distros will most likely be using NetworkManager, potentially with a different front end, but most of the settings should be pretty similar.

There is some (outdated) official documentation available here. This guide instructs the user to add a certificate for the connection from the path /etc/ssl/certs/AddTrust_External_Root.crt, but this certificate expired in 2020 and isn't necessary to create a working connection.

  • Select the eduroam network from the list of available WiFi networks.
  • Make sure the authentication/EAP is set to PEAP.
  • Leave the anonymous identity section blank.
  • Use your UC Davis email and your Kerberos password as your login credentials.
  • If you can't select the join button, there should be a checkbox that allows you to connect without a certificate selected. Click that checkbox.
  • Click join and after a little bit of time (sometimes 15-30 seconds after it appears a network connection has been established), everything should be good to go.