eduroam is a secure, worldwide roaming access service developed for the international research and education community. It allows users from participating institutions to obtain Internet connectivity at other participating institutions.
To join eduroam, your institution needs to become a member of the national eduroam federation (KENET). Contact the national eduroam coordinator of Kenya (KENET) for specific steps and requirements.
Your institution needs a RADIUS server for authentication, ensure your wireless network supports WPA2-Enterprise, and set up the necessary firewall rules and ensure IP address management.
Install and configure a RADIUS server, integrate it with your institution’s identity management system (e.g., LDAP, Active Directory), and configure the server to communicate with the national eduroam federation’s RADIUS server.
Use strong encryption (WPA2-Enterprise), regularly update and patch your systems, and monitor network traffic for suspicious activity.
Create clear documentation for connecting to eduroam, offer technical support through your institution’s IT helpdesk, and educate users on safe network practices.
Keep authentication logs as required by your institution and national federation’s policies, ensure compliance with data protection regulations (e.g.,Kenya Data Protection Act 2019), and inform users about data collection practices and their rights.
Ensure your RADIUS server is reachable and correctly configured, verify that the user’s credentials are correct and active, and check the compatibility of user devices with WPA2-Enterprise.
No, eduroam does not work with captive portals. eduroam requires direct access to the network without any intermediate web-based login pages.
Email accounts used for eduroam authentication MUST end with a .ke domain, such as .ac.ke, .or.ke, .sc.ke, .go.ke, etc,.