On completion of this document please return to: email@example.com
Also available as a PDF or Microsoft Office Word Document.
eduroam is available to all AARNet subscribers and is governed by the Australian eduroam Policy
|Organisation Name:|| |
|Homepage URL|| |
|eduroam URL:|| |
|Authentication Type:||EAP-TTLS, EAP-PEAP, EAP-TLS|
|Inner Authentication Method:||MSCHAPv2, PAP, CHAP, Certificate|
If you've implemented TLS please provide an authentication certificate as an attachment when submitting this application.
The Australian eduroam Policy details minimum requirements for joining the eduroam service. These are detailed in the following questions. Each question relates to a specific criteria item from the Policy which you can cross reference for further information.
|2.3.1||Are your users over 18 or have parental consent to use the network?||eduroam access may not be filtered at visiting sites.|
|2.3.4||Are your user aware that their activity may be logged?|| |
|2.4.2||Is user activity monitoring announced?||Mentioned in an AUP or other documentation.|
|3.1||IP address of Primary RADIUS Proxy Server|| || |
| ||IP address of Secondary RADIUS Proxy Server|| ||Recommended by not required.|
|3.3||What is the username of your eduroam Test Account?||(Provide)||e.g. eduroam-test@UNINAME.edu.au|
| ||Have you provided the password of this account via txt or phone to:|| |
|3.5||Is your network SSID eduroam?||If 'Yes' then next question.|
|3.5.1||Is your SSID eduroam-UNINAME?|| ||Provide the SSID used.|
|4.1||Do you log RADIUS requests/responses?|| |
|4.2||Do you log DHCP requests related to eduroam usage?|| |
|4.3||Do you retain the above logs for a minimum of 3 months?|| |
|5.3||Does your eduroam webpage comply with the Policy?|| |
|6.1||Primary Technical Contact Name:|| || |
| ||Primary Technical Contact Phone:|| || |
| ||Primary Technical Contact Email:|| || |
| ||Secondary Technical Contact Name:|| || |
| ||Secondary Technical Contact Phone:|| || |
| ||Secondary Technical Contact Email:|| || |
|6.2||Security Contact Name:|| ||Can be the same as a technical contact.|
| ||Security Contact Phone:|| || |
| ||Security Contact Email:|| || |
|6.3||Have your technical + security contacts subscribed to the mailing list|| |
Please provide the site/campus name for the locations your organisation has/will have an eduroam presence on.
|Site/Campus Name||Wireless Coverage Map URL|
| || |
| || |
| || |
| || |
| || |
| || |
| || |
Inclusion of Wireless Coverage Map URLs is Optional.
If there are locations that your organisation doesn't have eduroam on - then this should be detailed on your eduroam information website.
|1a.||Do you allow outbound connections to a PPTP VPN?||Port 1723 and IP Protocol 47 (GRE)|
|1b.||Do you allow outbound connections to a IPSec VPN?||UDP Port 500 and IP Protocol 50|
|2.||Do you allow outbound connections to HTTP & HTTPS sites?||Port 80 & 443|
|2a.||Do outbound HTTP/HTTPS connections require the use of a proxy?||If 'No' go to 4.|
|2b.||Is the proxy implemented as a transparent proxy?||Go to 4.|
|2c.||Is the proxy discovered via DHCP/DNS entry?|| |
|2d.||Is the proxy discovered via a PAC or WPAD entry?|| |
|3.||Is the network SSID "eduroam" and visibly broadcast?||If 'Yes' go to 5.|
|4.||Is Network Address Translation utilised?|| |
|5.||Do you allow outbound connection to IMAPS, POPS and Submission?||Ports 993, 995 & 587|
|6.||Do you rate limit inbound bandwidth to for eduroam Visitors?|| |
|6a.||Is this limited to less that 1024kbps shared between eduroam Visitors?|| |
|7.||Do you allow full egress network access?|| |
Your ease of use rating will be calculated from these responses.
Please detail the coverage of your wireless network.
|Coverage||Definition||Coverage Provided (Please Tick)|
|Blanket wireless coverage of the site.|| |
|Coverage in all meeting and common use areas.|| |
|Coverage in most meeting and common use areas.|| |
|Coverage is available in many buildings.|| |
|Very limited wireless coverage.|| |
|eduroam is not available.|| |
It may take a working week to process and complete your request.
On the successful submission of your application - you'll receive an email containing the shared secret necessary for communicating with the eduroam National RADIUS Proxy Servers (NRPS).
You'll also receive communication of the AARNet eduroam Test Account so that you can test your RADIUS/eduroam connectivity to the rest of the federation.
If your organisation has not met the requirements of the Policy you will still be connected to eduroam. There is a 30 day grace period in which to become compliant. After that point your application needs to be revised and reviewed to continue connectivity to eduroam. No site will be disconnected until thorough review of progress toward policy compliance and a decision by AARNet and its Project Group members.