eduroam(uk) Service Provider Assurance Tool User Guide for Sys Admins Introduction Using the tool

Similar documents
Introduction to eduroam

How to connect your device using eduroam

Microsoft NPS Configuration Guide

Eduroam wireless network - Mac OSX 10.5 Leopard

Connect to eduroam WiFi

Quick Installation Guide

Who can use eduroam. Participating Organizations. How does eduroam work

Integration Guide. Eduroam

Connecting to the Eduroam WiFi

Rhodes University Wireless Network

Your wireless network

New Windows build with WLAN access

Self-Service Diagnostics and eduroam as-a-service

Edith Cowan University Information Technology Services Centre

eduroam(uk) Technical Specification

INFORMATION TECHNOLOGY

EacMonsterNet Wireless Access Windows XP Computers

300Mbps n Wireless. In-wall Access Point WNAP-W2200

Senate House Library Guide Connecting to wifi

The SU1X 802.1X Configuration Deployment Tool

Quick Installation Guide

Dolphin-M. User s Manual

Please note, instructions in this guide are based on a PC running Windows 7. Please adapt the actions to suit your operating system.

EacStudent Wireless Access for Windows XP / 2000 Computers

Chapter 4 Advanced Settings and Features

WI-FI HUB+ TROUBLESHOOTING GUIDE

How to connect to Wi-Fi

User Manual Edition: v a

Rugged Outdoor Wireless-N Access Point - 2.4GHz - PoE Powered - Metal IP67

54Mbps Pocket Wireless Access Point (WL-330g)

Wireless 11n Smart Repeater AP (1T1R)

User Manual DIR-850L. Wireless AC1200 Dual Band Gigabit Router.

Cisco WAP121 Wireless-N Access Point with Single Point Setup

Quick Start Guide for Standalone EAP

Cisco WAP131 Wireless-N Dual Radio Access Point with PoE

Linksys Wireless G Access Point Default Ip >>>CLICK HERE<<<

NAP ac Dual-Radio Smart Antenna 3x3 Nebula Cloud Managed Access Point

Channel Layering with Load Balancing Configuration Note

54,23 USD gross 44,09 USD net

1750Mbps 11ac Dual Band Wall Mount Enterprise Wireless Access Point WDAP-1750AC

Learn How to Configure EnGenius Wi-Fi Products for Popular Applications

D G

2016 AHA ANNUAL SURVEY WALK-THROUGH THE 2016 AHA ANNUAL SURVEY ONLINE

802.1X Deployment with SU1X

IT Quick Reference Guides Connecting to SU-Secure using Windows 8

Cisco WAP321 Wireless-N Selectable-Band Access Point with Power over Ethernet

Application Example (Standalone EAP)

Cisco WAP321 Wireless-N Selectable-Band Access Point with Power over Ethernet

Nuclias by D-Link is a complete cloud-managed networking solution for small to medium-sized organisations with one or more sites.

Wireless Security Guide (for Windows XP, Windows Vista, Windows 7, Mac OSx)

IP network that supports DHCP or manual assignment of IP address, gateway, and subnet mask

Wireless Security Setup Guide

Windows 7 Configuration for ORU Wireless Networks

AC1200M/MS. User Manual

Residence Towers Network Access for Windows XP / 2000 Computers

GFence Integration. with Aruba ALE Configuration guide

Introduction to eduroam

eduroam Web Interface User Guide

HCC Wireless Instructions for Windows 10 (long version)

ScreenBeam Central Management System (CMS) Centrally Manage Receivers

Managed Gigabit Wireless Access Point, 300Mbps n, 802.3af PoE, Detachable Antenna

Cisco Unified IP Phone Installation

300Mbps Wireless Gigabit PoE Access Point

PACKAGE CONTENTS. HDMI-to-HDMI Cable. NovoEnterprise. Remote Control. Wall Mount. USB Power Adapter. Antenna. Battery. USB-to-DC-in Power Cable A B C

IMW-C910W. User Manuel

Auburn Montgomery AUM Wi-Fi. Windows 7. User s Guide & System Documentation

Security SSID Selection: Broadcast SSID:

OWL630 OUTDOOR ACCESS POINT

Johns Hopkins

Click on Close button to close Network Connection Details. You are back to the Local Area Connection Status window.

VMware Avery Dennison Printer Integration Guide Integration with Workspace ONE UEM

Let s get started. Need more help getting started?

LockView 5 / 5Pro CompX Database & Network Configuration & Installation Manual

AN APPLICATION OF ENTERPRISE WLAN SYSTEM FOR A UNIVERSITY CAMPUS

simplifying... Wireless Access

Netis WF-2411 Quick Configuration Guide NTC November TCS Webinar 1

123 Manual, LP-1522 Broadband Wireless AP/Router, Point to point/ Point to Multipoint plus Access point installation mode.

Configuring a VAP on the WAP351, WAP131, and WAP371

NCR. Wi-Fi Setup Assistant. User guide

QuickSpecs. Models HP ProCurve MSM335 Access Point WW

egauge Display Caster setup and manual

Wireless Access Point User Manual Linksys Router With 4-port Switch

NAP ac Dual-Radio External Antenna 3x3 Outdoor Nebula Cloud Managed Access Point

WAP9112/9114 Quick Start Guide

Future Considerations

Hardware overview. Package contents V-M200, documentation, three antennas, and power supply.

1.3 More information about eduroam is available at the relevant eduroam Service Provider (ESP) website detailed in Schedule 1 of this document.

Policy Management and Inter-domain Mobility for eduroam through virtual Access Points (vaps)

WNAP-W2200UE. AP/Router Mode. Client Mode. WDS Bridge in PtP Mode WDS Bridge in PtMP Mode. WDS Repeater Mode Universal Repeater

802.1X: Deployment Experiences and Obstacles to Widespread Adoption

Assure the Health of Your Network

Connecting to the eduroam Wireless Network. 1. If you are using a PC, move the. 2. Next Click or Tap the Settings. Help Sheet Windows 8.

Manage Devices - Clocks, Gateways & Networks

Netsight. End User Guide. Revision History. Author Issue Date Description. Andrew Longmore V1.R1.M0 12-Jun-2009 First draft

NexGen Solutions Education Guide

HiveManager Local Cloud

Figure 5-25: Setup Wizard s Safe Surfing Screen

DHP-W313AV. PowerLine AV500 Wireless AC600 Starter Kit. Product Release

BR411AP n Wireless Access Point and Bridge

User Manual. Biscuit IMW-C610W

Transcription:

eduroam(uk) Service Provider Assurance Tool User Guide for Sys Admins Introduction The eduroam(uk) Service Provider Assurance Tool is the latest test/monitoring module to be added to the eduroam(uk) Support System. The tool has been designed to help the system administrator to assure the Visited Service. The key benefit of the tool for the sys admin is the facility to test compliance with the Technical Specification of the Wi-Fi and eduroam Visitor network served by the nearest AP to the device. The unit effectively emulates a visiting user s device trying to access your eduroam Visitor service and provides you with the means to test satisfactory performance and to monitor your service over time. The aim is to help ensure that the user experiences a consistent service throughout your eduroam service zone you can move the devices to any part of your campus or other sites as you wish. The tool comprises: Support server web front end Support server database extensions for monitoring unit deployments Reporting system to enable results of monitoring checks to be returned to server Monitoring checks results database On-site monitoring unit Although the devices will nominally remain Jisc Technologies (Janet) property, we are not expecting any return of the units sent out, apart from the case should we need to do a complete upgrade/rebuild of the software image. It is anticipated that the devices will form the basis of a permanent deployment to enhance the service. One monitoring unit will be registered by eduroam(uk) in the Support server database to each participating organisation and will be delivered to the main technical contact. Additional units will be available in the future to organisations for a modest charge. The current generation of monitoring units only work in the 2.4GHz band, but it is hoped in future a 5GHz capable device will be developed once a suitable platform becomes viable. Development effort is focussed on production of further tests, including ports and protocols checks. The software installed on the monitoring units is open source and available on GitHub should you wish to see it and perhaps contribute to development. Using the tool 1) Registration of the monitoring unit to the specific site you will be deploying it to will be necessary before it is able to work with the back end SP Assurance Tool system. You will have previously registered your site(s) on the eduroam(uk) Support server and populated the information fields with details about the services at your various sites. Some organisations register just the one default/main campus site, whilst most organisations have registered many of their sites/major buildings individually in order to provide greater granularity for the benefit of users and the European database/map generation system. Now the benefits of having registered sites individually become apparent i) you have a means of recording whereabouts on your extensive and multicampus/site/building networks you have deployed the monitoring unit and ii) you will be able to deploy multiple monitoring units.

How to register a monitoring unit to a specific site. Go to the eduroam(uk) Support web site and from the left hand menu go to the Site Locations and the specific site information page for your target deployment location/building. The example below shows selection of Lumen House. Figure 1 Using left hand menu navigate to specific site Lumen House Near the bottom of the right hand panel you ll find a drop down list for the monitoring unit (probe) registered to your organisation. Select the monitoring unit ID and click Update Location. Figure 2 Select probe ID (e.g. 1004) and update your location 2) Deploy the monitoring unit. You will need to take reasonable care of the unit and deploy it in a reasonable secure location. The units are powered via their mini-usb ports and so can be directly connected to a PC/Mac/TV screen or power using the mains power adaptor included). The units can report their test results over an Ethernet connection, but they do not support POE - although you could deploy a POE-DC adaptor (5V 1A mini-usb). The units send the results of their last tests, currently every 15 minutes, over the Wi-Fi connection that is established during the tests. They cannot use a wired Ethernet connection at present, but this facility is being explored as part of the development programme. Note, the unit will only check the eduroam service provided through the Wi-Fi access point it associates to. In order to build up a comprehensive evaluation of the compliance of your service you can reposition the unit around your site(s) as you wish. If your eduroam visitor network service is provided using multiple separate VLANs/networks you may wish to locate the monitoring unit at suitable locations in order to check each of these. As mentioned above, additional units will be available in the future to organisations for a modest charge.

3) View the results of the checks. Once the monitor unit begins reporting the results of its last tests sweep, the results will be available on the eduroam(uk) Support web site - through the eduroam UK probes section. From the left hand menu, select eduroam UK probes. This takes you to https://support.roaming.ja.net/?q=probes Organisation status and tests summary page. The monitoring units status and tests summary for all participating organisations page is displayed. For each organisation, if all the available checks of mandatory requirements of the Tech Spec are satisfactory for the last checks reported, the Checks result displays OK. If any tests returned a fail, the Checks result will display WARN. Figure 3 eduroam(uk) SP Assurance Tool summary page

Organisation and site status and tests summary page. To drill down to the results for a particular site, click on the organisation name. All sites where a monitoring unit has been deployed for that organisation will then appear below the organisation name. In the screenshot below, Janet(UK) - Lumen House has appeared below Janet(UK). Figure 4 Clicking on Janet(UK) results in sites where monitoring units deployed - Lumen House

Results of the latest sweep of checks can be displayed by clicking on the site name. All of the results of the most recent test sweep that was reported by the monitoring device at the site will be displayed. By hovering over individual test descriptions, the sys admin can see further data relevant to the particular test. Figure 5 Last reported checks result

Historical results of individual checks. A left click on a particular test will result in a page opening which displays historical reported test results in graphical form. A sys admin can thereby check that the reports for their service are stable over time, which may help in investigation of any reports of service fluctuation. If you move your cursor to the graph traces, the timestamps of the reported results will pop up. The screenshot below provides an example of the PEAP/MSCHAPv2 (with@realm outer) Authentication Test (PEAP-MSCHAPv2 rfc) for Janet(UK) - Lumen House. Figure 6 Graphical representation of historical test results Provide Feedback Please let us have any feedback from your experience, comments, ideas for further tests. Hopefully your Visitor services will all be compliant with the Tech Spec, but if not you ll have the knowledge that some investigation/corrective work would be useful! For further information on feedback, please see: https://community.ja.net/groups/eduroam/document/eduroam-qos-monitoring-probe-phase-2- field-trial-feedback

Test Suite The current test suite currently comprises: Tech Spec Compliance Checks PEAP/MSCHAPv2 (with @realm outer) Authentication Test Incorrect use of eduroam SSID e.g. Eduroam or eduroam-web TTLS/MSCHAPv2 (with @realm outer) Authentication Test TTLS/MSCHAPv2 (with anonymous@realm outer) Authentication Test PEAP/MSCHAPv2 (with anonymous@realm outer) Authentication Test Site uses WPA2/AES Check whether NTP is allowed Information Only Checks Site uses NAT Site uses RFC1918 Addresses Site uses WPA Remember only the eduroam Wi-Fi and eduroam Visitor network services served by the nearest AP is checked. Monitoring Unit Test Suite Updating Mechanism The monitoring units have a built-in automatic update mechanism which means that changes to the test scripts and new tests developed by eduroam(uk) can be added remotely to deployed units. At the end of reach reporting event a check is made for new/updated code and if such code is available the new code will be download and installed.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback