Configuration of eduroam
You can configure eduroam automatically and securely via the CAT tool of the DFN association. CAT is hosted on the websites of the Géant association in the Netherlands, which is the umbrella organization for eduroam. You can trust this website just as much as you can trust the website of UDE.
For this, click the button “Click here to download your eduroam configuration program” on https://cat.eduroam.org/?idp=5016. The configuration page for the eduroam profiles of UDE on eduroam.org is managed by the ZIM. On Android devices configuration is done much easier manually (see below).
On the new page, you can download the correct tool for any operating system.
You authenticate yourself with <Unikennung>@uni-due.de (do not forget the @uni-due.de!!) and your university-password or your wifi-passwort, should you have set up one separately in the Selfcare-Portal. Please be careful not to enter a blank space accidentally.
The tool is available for the following systems:
- Windows 10
- Windows 8
- Windows 7
- Windows Vista
- Android 4.3+ (easier to do manually, see videos below)
- Apple Mac OS X 10.7+
- Apple iOS mobile devices (iPhone, iPad, iPod Touch)
You can configure eduroam manually on all operating systems without installing additional software.
Generic configuration (regardless of the operating system):
- EAP-method: PEAP or TTLS
- Inner Authentication: MSCHAPv2
- Certificate: Choose “T-Telesec Global Root Class 2” if installed or install it first under https://www.pki.dfn.de/fileadmin/PKI/zertifikate/T-TeleSec_GlobalRoot_Class_2.crt
- Inner Identity: <Unikennung>@uni-due.de (For Unikennung enter your personal Login-ID)
- Outer Identity: email@example.com (if this option is missing, just leave it out)
- Domain: radius1.uni-duisburg-essen.de (not “uni-due.de”!)
- Password: <Your University Password> OR WiFi password should you have set one in the Selfcare-Portal
Students of the FOM can find additional information for the installation in our FAQ.
Screenvideos: Screen Videos: Manual Android configuration (left, easier) and configuration using the eduroam CAT (right):
Should you not have the menu option “Use System Certificates” in Android, just install. T-TeleSec_GlobalRoot_Class_2.crt manually. For this, go to T-TeleSec_GlobalRoot_Class_2.crt, in your browser, enter a name for the certificate and choose “Use for WiFi”. Alternatively, the certificate can also be saved and installed from there.
Check if you have set a WiFi password in the Selfcare-Portal.
- To download the certificate, you have to have set a PIN/lock pattern.
- The app is available only from Android 4.3 upwards.
- If you can use system certificates, it can happen that the configuration cannot be adjusted. Then, the network first has to be completely removed.
- Please download the CAT tool with Safari.
- The error message “Invalid Password” might appear on updated configurations as well. Please check, that as a user name you enter the correct and complete credentials, which is <Unikennung>@uni-due.de (not your e-mail address!). If the error message should keep appearing, please set a separate WiFi password in the Selfcare-Portal and then try the configuration again.
- On some IOS systems the following notification might appear:
You need to accept this certificate and click “Trust” to confirm.
- Should you not be able to connect to other WiFi networks after using the eduroam CAT, please uncheck the box on “Auto Proxy Discovery” in the advanced network settings.
- Should you successfully connect to the network but have no internet connection, please deactivate IPv6 in the adapter settings in the Network and Sharing Center in your Control Panel.
- There might be problems on Windows 7, 8 and 10, if you have already installed the software “Géant Link” before. Install the Géant Link software before using the CAT and then it should work. Géant Link might have been installed by using an obsolete CAT tool.
Should you be in an area with bad signal, it can happen that the server cannot be verified. In that case, please go to an area with better signal. There the certificate is verified once. After that, the connection should work everywhere.