Type your full IU email address as your username, and enter your Network ID passphrase.
This page lists the most common frequently asked questions about eduroam in the UK.
Furthermore, if a proxy is not transparent, instructions for the configuration of applications to use the proxy must be published.
Version 1.3 of the specification went on simply to note that "interception proxies, often used by intrusion and virus detection systems, may result in the user experiencing unexpected network behaviour." This policy was formed with the use of proxies such as Squid in mind.
It should also be noted that content filtering not involving interception proxies IS permitted on eduroam network services for Visitors (providing its use is advertised), although this is discouraged. The eduroam T&Cs do not prelude the monitoring and analysis of traffic but clarification is sought on whether we can: Log our eduroam users’ outbound traffic and analyse the traffic for frequently used websites and repeat visits, given that we anonymise the data so that is not personally identifiable and delete the information when no longer needed. eduroam policy does not say anything about a member organisation monitoring of use of the network.
However the ability to monitor suggests that a proxy may be utilised somewhere.
2) Application & Interception Proxies / Firewall Configuration - Ports and Protocols for eduroam(UK) visitor networks Is web content filtering permitted on eduroam services?
Filtering of web traffic both URL or content-based, whilst not encouraged, is permitted on eduroam services – provided that TLS/SSL interception is not employed in respect of services for visitors.
By doing this the user could still read e-mails sent over 3G/4G which could be used to advise them of the password change/network access lock/other reasin why eduroam connection is not working for them. Users do not enter their password credential when logging on with eduroam using EAP-TLS and their password isn't stored in cache on the device, which is a security plus, but of course with EAP-TLS you do need to have and operate a certificate management system.Instead, a pop-up window will open (it may take a moment) telling you that additional information is required.Click the link in this window to open an authentication box.Can TLS/SSL interception proxies (for instance as used in content filtering) be deployed?The Technical Specification v 1.3, whilst advising against such deployment, stated that Visited organisations may in fact install application or 'interception' proxies, provided that the fact that such a sysem is being used is published on the eduroam service information page.
TLS/SSL interception requires the user to install a CA certificate from the intercepting organisation. It is in effect a man-in-the-middle interception and is contrary to recommended security practice.