UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
Page 1 of 5. Showing 48 results (0.032 seconds)
radsec certificates
will lead to FetchCRL3 errors and including the eduPKI CA certificate manually is required for a functioning eduroam RadSec implementation. The numberRoaming on Passpoint-based network infrastructure (incl. OpenRoaming)
server can be anything, but if you have a RADIUS server that can speak Radsec, you'll be well on your way there. Radsecproxy is arguably the most well-known open-source Radsec server (and you can put it in front of other non-Radsec servers like Microsoft's NPS) and it is actively supported by the eduroam communityUbiquiti UniFi OpenRoaming configuration snippet (Network Application managed)
. For the eduroam Europe proxy, you could use 'eduroam OpenRoaming Proxy'. Are you going to use Radsec? If so, select 'TLS'. You'll notice things change to add several more settings. Provide the IP address for the proxy. If you use Radsec, use port 2083 with secret 'radsec'. Click 'Add' to add it. - You can contactDevelopment VC, 20250408
to come up with release strategy, will likely not have Radsec, might not be suitable for eduroam Paul D: Can we have outbound TLS at least? Allows orgs to send traffic over Radsec at least. Wi-Fi: What if you want to buy European, and/or not-cloud-managed? Restena and SURF would, but what’s the choices? (Put EUHow to deploy eduroam at national level (ADVANCED)
. <ServerRADSEC> Port 2083 BindAddress 198.51.100.252, ipv6:2001:db8:1::26 Secret radsec … 1.3.6.1.4.1.25178.3.1.1 TLS_RequireClientCert Identifier RadSec AddToRequest eduroam-SP-Country=UNKNOWN </ServerRADSEC> Requestradsecproxy-addon
requires a server certificate and a private key for that certificate to establish the RadSec connection which designates the server as an eduroam SP and IdP … is arbitrary and can be adapted if that port is in use. Since radsecproxy will also accept requests from an upstream RadSec-enabled server, it listens on the defaultArubaOS (stand-alone) OpenRoaming configuration snippets
certificate, the connection can be established over RADIUS/TLS ("RadSec"). Pick one of the two variants below. RADIUS/UDP wlan auth-server OR_Proxy_eduroamOT ip … -framed-user 1x RADIUS/TLS wlan auth-server OR_Proxy_eduroamOT radsec ip openroaming-ap.eduroam.org http://openroaming-ap.eduroam.orgDevelopment VC, 20230523
: this is for the RADSEC trusts between NRO to NRO servers? 15:40:29 From Anders Nilsson To Everyone: URL to the Pad for today? (Never got that VC mail) 15:40:34 From Jan-Frederik … where RadSec Proxy was a vital component. Never got to know if it was homegrown or if they’ve just grabbed ours. 😉 15:48:25 From Paul Dekkers To Everyoneradsecproxy-flr
*:1812 ListenTCP *:2083 radsecproxy will receive requests from all connected Service Providers via both RADIUS and RadSec … defaultClient secret radsec } After all specific clients in the configuration, you can the above stanza as a "catcheduroam roadmap 2025.pdf
regarding GEANT becoming the I-CA / RA (Agent) geteduroam Move the service infrastructure to GEANT IT VMs Fix the (dynamic) server startup issues, work on RadSec … Innovation Support of the RadSec Implement new functionalities Replace the CAT code signers