...
The basic requirement for and eduroam SP is that the underlaying WLAN must be able to support IEEE 802.1X authentications, WPA2/AES support and, if you also want other networks, multi-SSID support. This is usually the case with today's network equipment. If you want to distinguish traffic beloning to the eduroam network from other traffic, you also need to deploy VLANs in your network.
For eduroam, you need to add information of the RADIUS server that you will be using to your WLAN controller (or stand-alone access point). You will need to add the IP address of the RADIUS server as well as the shared secret, which is basically a string of characters that has been agreed on by you and the operator of the RADIUS server. You may also have to add information about the ports to use, which are 1812 for authentication and 1813 for accounting.
Once you have added the RADIUS server you need to create the eduroam SSID. This must be a network with 802.1X and WPA2/AES enabled and the SSID must be eduroam and this SSID should not be hidden. For this eduroam network, you still need to define that the RADIUS server defined previously need to be used.
In this wiki it is not possible to keep up-to-date guidelines on how to set up eduroam on all wireless equipment on the market. The best way to set up eduroam on your network is to do the initial setup according to the manufacturer's guidelines and thereafter, checking the same guidelines on how to apply the eduroam-spesific settings mentioned above.
Set up of WiFi hotspots
All of the solutions presented below support the basic requirements for an eduroam SP: support for IEEE 802.1X authentications, WPA2/AES support. When deploying eduroam, deployers often want to make use of additional features such as multi-SSID support, dynamic VLAN assignment and others. Every section contains a table with a short overview of their support of such additional useful features.
...