JANET Roaming Logo

About JANET Roaming | Maps of where you can use JRS eduroam

Using JRS | Documentation | Technology/FAQs | Technical Support | How to Join

The JANET Roaming service provides eduroam in the UK which enables network logon anywhere using own username and password regardless of location without the need for guest account set up. The service is available at participating organisations over wi-fi and at designated guest workstations. The fully supported service is free of charge (*).

What is JRS/eduroam - info for users, management and administrators On this page button Just published button
For end users - using JRS For end users - info on JRS sites you plan to visit For system administrators - roadmap to implementing JRS

The JANET Roaming service now comprises 101 registered organisations enabling the service to be offered at locations throughout the whole of the UK (see map of JRS locations) and through our membership of the international eduroam federation across Europe (map) and in many countries around the world.

JANET Roaming provides the solution for JANET organisations wanting to offer high quality network services for visitors by facilitating authenticated guest logon without IT Support workload. Visitors to JANET-connected sites can experience quick, simply authenticated and secure access to full JANET network services, enabling access to the Internet, home organisation networks via VPN, web mail etc., and permitted resources on the visited site network.

Why implement JANET Roaming - is it for my organisation?

JRS News - June 2009:

JANET Roaming Fundamentals course trial being held on 15th July. There are still a few places left on the trial of JANET Training's new course. It will be held at Peter House in Manchester http://www.ja.net/services/training/venues/manchester.html.

This course will provide delegates with an understanding of how JANET Roaming operates at both basic technical and support level. This includes an overview of how to configure user equipment and solve some of the issues those users might face. The course also covers the configuration of wireless and wired clients for use on the JANET Roaming Service (eduroam), details of the logfile examination and methods of fault finding and reporting.

The full course outline is available at  http://www.ja.net/services/training/courses/roamingfundamentals.html 

Cost

Places on course trials are free of charge to staff from JANET connected sites, but limited to one delegate per organisation.  

Our trials

Before running a new course in full, we always run a full trial.  This trial helps to assess the course materials, practical activities and timetable.  When attending a trial delegates should be aware that;

    * The course may not run as smoothly as a full course (by its very nature this is an opportunity to see how things work in practice)

    * All delegates will be expected to provide constructive verbal feedback at the end of the course.

    * All delegates will be required to complete an anonymous but extensive feedback form.

Booking

Online booking available at http://www.ja.net/services/training/schedule/by-date.html

New JRS joiner this month - we're pleased to welcome Leeds Metropolitan University. The total number of UK participating organisations is now 101.

In last few weeks eduroam has connected two new European NRENs - AMRES (Serbia) and MARNET (Macedonia). The European confederation now has 36 connected countries. So if you are planning a visit to either of these countries, check out the eduroam web site for links to the institutions within those countries that are eduroam-enabled!

JRS Support database now supports multiple individual sites for each participating organisation. JRS administrators are now able to advertise far more granula information about their service offering including wireless cipher information for each site.

OpenSEA 802.1X Supplicant accepted into Wi-Fi Alliance testbed: we are pleased to announce that the OpenSEA 802.1x supplicant has been accepted into the Wi-Fi Alliance's Wi-Fi Protected Access (WPA) testbed. This is an important milestone in the development of open security standards for wireless networking and continues the momentum towards OpenSEA’s goal of promoting the development and distribution of an open source 802.1x supplicant. To read the full article, please go to:
www.ja.net/company/news-2009/wifialliance.html

May News:

Online supplicant configuration training is now available: GEANT2 has produced online training in how to configure the following supplicants; built-in Windows XP, Intel, SecureW2. Supplicant configuration made easy - see: http://cbt.geant2.net/repository/eduroam_supplicants/setting_up_eduroam_supplicants.html

Smooth introduction of withdrawal of the JRS1 service tier: the withdrawal of JRS1 (supporting web redirect based authentication) came into effect on 1st May without any reported issues from the community. This has allowed the JRS service to become fully eduroam-compliant.

Technology/FAQ section revamped: the Technology/FAQs section of this web site has been given a makeover with the questions and answers grouped into three categories based on the main interest groups; end-users, JRS site technical administrators and general information/business management.

New release of Xsupplicant 2.1.7 XP: the Open1X group has announced the release of Xsupplicant 2.1.7 development version (8/05/2009) for Windows XP. This update includes a lot of bug fixes a number of new features; internationalisation of the user interface (using QT's linquist program), and the capability to compile and run on Linux (with a reduced feature-set). More.

April News:

Two new joiners this month - we're pleased to welcome Edinburgh Telford College and London Metropolitan University. The total number of UK participating organisations is now 101.

March News:

JRS celebrates the registration of its 100th participating organisation. With the registration of Brunel University there are now 100 organisations participating in the UK. Usage of the service continues to grow - statistics gathered from the NRPS show a dramatic growth over the last six months and we constantly hear reports from administrators of increased uptake.

Dramatic growth in usage of JANET Roaming:

NRPS access-accept packet count Sept07-March09

 

Previously Published JRS News

  • JRS location maps have been upgraded
  • IPv6 on the NRPS and JRS Support servers
  • New index and entries in the Technology/FAQs section
  • New simultated visitor test on JRS Support Server
  • Update to the JRS Technical Specification

 

Just published - for JRS IT administrators:

Using Certificates Issued by the JANET SCS with MS IAS (Word) pdf version pdf file

FreeRADIUS v2.0.2 Implementation to support JANET Roaming service at the University of Sussex pdf file

IEEE 802.1X Implementation at JANET-Connected Organisations pdf file

Inter-NREN Roaming Infrastructure & Service Support Cookbook 2nd Edition (pdf) Produced and published by GEANT2

 

Recommended reading:

For end users:

JANET Roaming User Guide Adobe Acrobat logo (pdf)

JANET Roaming Policy Adobe Acrobat logo (pdf)

 

For IT managers:

JANET Roaming Management Briefing and Business Case Adobe Acrobat logo (pdf)

For JRS IT administrators:

Roaming - what does it really mean and how can you use it?

Proceedings of the one day event held at Trinity House 15/11/20006

JANET Roaming Deployment Guide Adobe Acrobat logo (pdf)

A Case Study in Complying with the JRS Technical Specification at Bristol University Adobe Acrobat logo (pdf)

JANET Roaming Technical Specification (doc) Adobe Acrobat logo (pdf)

For further documents see Documentation page

 

On this page:

 

Enquiries

General enquires about the service - features and benefits, service details; please contact JANET Service Desk e-mail:service @ja.net or e-mail the service manager directly.

 

JANET Roaming - The Need

  • Visitors to JANET sites want authenticated, secure AND easy access to full network connection - home networks, Internet and permitted areas of host network
  • JANET sites want to provide visitor access logon without IT Support workload

The Solution

  • JANET Roaming - enables logon using own username and password regardless of location

Background

As demand for visitor network access at JANET connected organisations has increased and will continue to do so, the need has grown for an infrastructure to reduce the administrative burden faced by local IT staff in setting up guest accounts and to provide hassle free guest access for visitors. The solution is the JANET Roaming Service which provides this facility and which will in turn help effective collaboration on research and academic projects.

 

What is JANET Roaming and what does it provide

Benefits for the user:

  • Network access at all participating organisations - worldwide
  • No need to get a guest account set up at every organisation visited
  • Same username and password regardless of location
  • Guaranteed access to broad set of services (Internet, e-mail, VPN protocols)*
  • Free at point of use
  • Info:

Benefits for the network manager:

  • Facilitates setup of JANET-compliant network facilities for visitors
  • Removal of administrative burden of guest account setup
  • Sets common security standards and enables traceability
  • Fully supported JANET service

JANET Roaming developed from the Location Independent Networking (LIN) concept for providing simple authenticated independent network access for visitors to JANET connected organisations. It comprises an infrastructure to enable guest users to use their own home network registered user credentials (eg. username@foo.ac.uk and home password) to gain authenticated independent network access at participating organisations, without any administrative burden or added complexities - both for the user and the local IT staff.

(*) Since the service guarantees the availability of a wide range of protocols, the guest user can use whatever remote access facilities are provided by their own organisation and whatever facilities are offered by the visited organisation.

Why authenticate guest users onto the network (pdf)

 

Why not implement JANET Roaming - since 802.1x may well be part of your security strategy

The utilisation of 802.1x is in many cases the sensible solution when enhancing security on a network and in many cases will be a cornerstone of a secure wireless network. Having installed a RADIUS server for this purpose, most of the work will have been done on the path to implementing JANET Roaming. Introduction of JANET Roaming is then a small step and will provide a valuable service to users and visitors.

With support for 802.1x reaching ubiquity among networking equipment manufacturers, the standard is now gaining widespread acceptance - giving cautious IT departments hope that a workable solution for locking down ports through dynamic access control may finally be a reality. The last remaining barrier to adoption for many organisations is simply overcoming the 802.1x learning curve. There is much material on this web site that should help with this.

 

The business case for JANET Roaming

JRS Management Briefing and Business Case (pdf) - an overview of the JANET Roaming Service for IT managers at JANET connected organisations together with the business case for implementation.

 

What's involved

The service is free at the point of use; participating organisations have to provide and set up a RADIUS server which references the JRS National RADIUS Proxy Server network.Visitor user setup involves a one-off configuration of their laptop and input of host network SSID in order to achieve independent JANET network access from the visited organisation and (depending upon home network remote access systems) access to their home networks. All this is achieved without any administrative burden or added complexities for either the guest user or the local host network IT staff, once the system has been implemented.

It is recommended that the remainder of the information on this introductory page should be assimilated, however to jump to the in-depth implementation guide - click here and for joining instructions - click here.

 

Who is the JANET Roaming service for

JANET Roaming is available for any JANET customer organisation and their registered users - universities and colleges as well as research organisations and other academic bodies. The organisations which will benefit the most are those with a large base of users who roam to other academic locations or those organisations which are frequently engaged in providing guest network access to large numbers of visitors. The range of organisations to which the service can be provided is not technically limited to academia/research and may be extended in the future.

 

The difference between JANET Roaming and Shibboleth

JANET Roaming and Shibboleth are complementary technologies that provide solutions to two different objectives. Roaming provides network access via single username and password. Once network access has been achieved, Shibboleth provides controlled access to restricted online resources (such as journals and media content) through a central authentication and authorisation infrastructure.

 

Where is JANET Roaming available

JANET Roaming is part of the eduroam federation (www.eduroam.org) in which the UK, 22 other European countries, Australia and Taiwan have collaborated to provide international peered RADIUS proxy authentication facilities.

UK organisations currently participating in the service:

 

Joining

To underpin the service and to support organisations joining and participating in the scheme, a comprehensive, fully resourced support structure has been put in place which provides:

  • Pre-deployment support – planning and selection of RADIUS server hardware and software and supplicant systems
  • Technical support during implementation
  • Post-implementation support on technical issues
  • Dedicated JANET Roaming support web site for participants only
  • Dedicated e-mailing list for technical and service announcements
  • A chargeable consultancy service
  • Comprehensive technical and promotional documentation
  • JANET Roaming availability map showing where and how JANET Roaming can be used

Promotional material is available to help with the following:

  • Assistance of organisations in general advertisement of the service at their campuses
  • Advertisement of the specific locations at which JANET Roaming is available on their networks
  • Education of staff and student userbase about the benefits and usage of the service

 

JANET Roaming technical issues and service discussion e-mail list

 

How do individuals get to use JANET Roaming

Your organisation must be a participant in JANET Roaming or eduroam. If this is not the case why not ask your IT department about joining? Registered users with network logon accounts at participating organisations should visit the JANET Roaming service web pages at their home organisation - details of which can be found by hovering over the city blobs on the Participating Organisations Map. Users should also consult their home IT Support department for one-off setup of their laptops prior to travelling to Visited sites supporting the JANET Roaming service. They will also be able to learn what facilities at the Home Organisation site are offered for remote access from Visited Organisations, (eg. e-mail, VPN). Using JANET Roaming more..

 

Development of new cross-platform GUI 802.1x supplicant

JANET(UK) is collaborating on a new initiative to deliver an open-source IEEE 802.1X supplicant. The initiative builds on JANET(UK)'s technology partnership with the OpenSEA Alliance, formed by leading networking and security companies including Extreme Networks, Identity Engines, Infoblox, Symantec Corporation, TippingPoint, and Trapeze Networks. Aruba Networks and Hewlett-Packard have now joined as promoter members. For details, please see the full press release.

This initiative follows the debate that took place at Networkshop34. The bof session at Networkshop34 proved to be very popular - JANET(UK) has been considering an open source approach to resolving the problem which relates particularly to the lack of a comprehensive supplicant for Windows operating systems.

For those who did not attend, the three options were: to develop wpa_supplicant, enhance secureW2, or go with an Open Source option with the OpenSEA foundation formed by a US company, idEngines, who are porting the xsupplicant code base to a Windows platform. The latter was considered to be the best of the three options. A demo release was available May/June 2007 which was followed by ongoing development. after a number of releases and version updates, with the release of XSupplicant 2.0.0 the product can now be considered sufficiently stable for use. Development on the "SeaAnt" branch of the supplicant has been frozen and all new development will now be taking place on the next release with it's code named "SeaMonkey".

Shortly after the start of the project there was a call for volunteers to trial the supplicant once this became available in the beta phase. Loughborough, Bristol, Oxford Brookes, Swansea, Liverpool, Southampton and Edinburgh universities and STFC Daresbury Laboratory applied and are trialing the XSupplicant. Interest from further organisations wishing to participate is welcomed: please contact the JANET Roaming service manager jrs@ja.net.

All the development requests for the GUI have been recorded and considered.Up to date info on the progress and development of the GUI will be available through the DOT1X jiscmail list and any input is greatly valued.

More archive info at: http://open1x.sourceforge.net/

Further information is also available on the JANET Development pages.

 

For in-depth information on JANET Roaming see: About JANET Roaming

 

External Links - associated topics

Any problems, comments or suggestions regarding this page, please e-mail the JANET Roaming service manager.

 

 

 

 

Privacy Policy | Web Admin
© The JNT Association,
JANET(UK), Lumen House, Library Avenue
Harwell Science and Innovation Campus, Didcot, Oxfordshire
OX11 0SG