360 likes | 394 Views
This guide provides information on joining the EduRoam network, including the benefits, requirements, and implementation steps. It covers topics such as the EduRoam community, local NREN EduRoam portals, team requirements, and wireless and Radius implementation.
E N D
A Practical Guide for Joining EduRoam EuroCAMP Torino A Practical Guide for Joining EduRoam chris.myers@grangenet.net4 March 2005 Version 1.6
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
What’s this EduRoam thing? • EduRoam is a Federated Authentication Trust Framework • For wireless networks • Which allows roving researchers to login • With their standard user name and password • To wireless networks at participating organizations • Around the world • To access resources at their home or local institution.
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
Is there a community? Global Participants EduRoam Dec 2004 There are over 350 participating institutions
Is there a community? Developing a local community. • Performed extensive PR campaign. • Concept presentations to RNO’s • Technical • Management levels. • Web presents established. • Target meetings with critical path organizations. • Email and news release campaign. • Track release propagation via web trends. • Presentations at conferences and meetings. Camp Delegates declare YES! to Interest in EduRoam trials at The Australian Middleware Camp 2004.
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
What is in it for me? Users • On demand network access. • Mobility • Coverage • Security • Performance • user-friendly environment • The ability to work on collaborative e-science projects. • Reduced costs due to VoIP calls using SIP or H323 over wireless. • The ability to use your own laptop computer and PDA’s • A reduction in productivity loss in visiting other institutions.
What is in it for me? NRENs • A value add services. • The encourage and support of collaborative environments. • Support for network access for guests. • Answer user demand for coverage, security and performance. • Solution for Inter University Conferences. (with safe wireless)
What is in it for me? Turn key solution for • A local authentication framework. • A global authentication framework. • A interconnect policy framework to base other systems on.
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
Local NREN EduRoam Portal. • Elements of a portal • Local information • Services • Participants • Policies • Technology • International links • Information for roaming • Mail lists • How to contact Groups
Local NREN EduRoam Portal. • Data Mining • Who’s interested. • Where are they from. • Are you hitting your targets
Local NREN EduRoam Portal. • Did any one read the news release • Put links in your news release (this helps) • How can I exploit this information
Local NREN EduRoam Portal. • Feed Back and help. • Feed back is important. • for the program. • for the NREN. • for the Institute. • For the user. • Use detailed user guides on portal • Put in links to the WIKI forum. • The user that can help themselves don’t call. WIKI forum page
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
Team Requirements What people are required for EduRoam • The wireless people • Basic wireless administration skills. • The directory people • Average Radius administrative skills. • The security people. • Average firewall/ACL skills • The desktop support. • Basic to Average skills • Its not about the technology that’s easy.
Team Requirements What the people require from EduRoam • Trust. • Policy. • Reactive, collaborative, community. • Policy. • For the NREN press the flesh. • Its all about the People.
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
Local Wireless Implementation 802.1x Tools • SecureW2 Alfa & ArissSecureW2 for Windows platforms is the cost effective and most robust client solution for deploying 802.1X networks. The SecureW2 Client enables EAP-TTLS using the standard Microsoft IEEE 802.1X Client currently available for Windows 2000, Windows XP and Pocket PC 2003. • Now open source
Local Wireless Implementation Cisco 1200 Series Access Point setup for EduRoam • Under Security, Encryption Manager. • Select VLAN in drop down box under Set Encryption Mode and Key for VLAN. • Select Cipher in Encryption Modes. • Select TKIP in Cipher drop down box. • Clear Encryption keys. • Select Encryption key 2.
Local Wireless Implementation • Under Security, SSID Manager. • Select eduroam SSID. • Under Authentication Settings, Methods Accepted. • Select open Authentication with EAP in the drop box. • Select Network EAP. • Under Authentication Settings, Server Properties. • Select Customize. • Under Priority 1 select your RADIUS servers address.
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
Radius Implementation • Create National radius server. • Federate to international server. • Good service selling point. • Create institutional Radius services. • Create test accounts. • On all sites • Radius Tools • Free RADIUS - A most excellent free radius server
Radius Implementation • Deliver cookie cuts. (AUS example) • config for end user to connect to national server • realm DEFAULT { • type = radius • authhost = 203.22.212.134:1812 • accthost = 203.22.212.134:1813 • secret = XXXXXXXXXXXX • nostrip • } • client 203.22.212.134 { • shortname = national-au-eduroam1 • secret = XXXXXXXXXX • }
Contents • What’s this EduRoam thing? • Is there a community? • What is in it for me? • Local NREN EduRoam portal. • Team Requirements. • Local Wireless Implementation. • Radius implementation. • Layer 8.
Layer 8 Layer 8 • Can be your friend. • They want the service. • They can see the business drivers. • Will divert resources to the project. • Can be your enemy. • They Can have unrealistic expectations. • The work policy triggers lawyers. • Lawyer means money and long documents.
Layer 8 Know your Landscape • What is out there. • What does the community want. • Can you meet there requirements. • Can you control expectation. • Can you deliver the service. • Were can you go for help
Layer 8 An EduRoam deployment requires six deliverables; • Inter University Access Policy. • Acceptable use Policy. • Interconnected Trusted Wireless Federation. • Security Framework Model. • EduRoam branded Web Portal. • Inter continental Global Federation.
Layer 8 • Minimum Service levels. (AUS) • EduRoam SSID broadcasted. • (if technically possible on AP). • 802.1x WPA TKIP EAP-TTLS • http, https & VPN pass though permitted. • Radius Server. • EduRoam portal at site. Security is locally enforced. So you are in control of your environment.
EduRoam Links International links http://www.eduroam.org http://www.eduroam.nl/en/index.shtml http://www.eduroam.edu.au http://www.terena.nl/tech/task-forces/tf-mobility/ http://www.ja.net/development/aa/lin/index.html email enquiries join@eduroam.org gwg-eduroam@eduroam.edu.au apan-eduroam@eduroam.edu.au enquiries@eduroam.edu.au
EuroCAMP 2005 Thankyou Please Join the EduRoam http://www.grangenet.net