Access to the eduroam wireless network
The access to the Wi-Fi is available in all equipped areas of the campus via a WPA2 secure connection with PEAP authentication.
How to set up
If you do not have an account for the WLAN / VPN access, you must apply for it first.
You have to do the following steps to configure your WPA access:
- If you already have an account for the VPN service, you can also use it for the Wi-Fi access. In case you have a very old account, you may need to change your password once (see box below right).
- Set up the access on your PC. You can find instructions for the configuration listed below on this page.
- After the first successful login, the computer automatically connects to the wireless network without entering a password each time when it is in reach, even after a reboot. If this is not desired, you should disable the "Wireless Network Connection" when it is not in use.
Automated eduroam configuration by using the eduroam CAT tool
With the eduroam CAT-Tool, you can now easily configure your wireless devices for eduroam access.
By accessing the website:
and clicking on "Click here to download your eduroam installer", you can choose your home institution (the institution that provided your login credentials) from a list. On the following screen you get a link to a configuration file adapted to your operating system.
You can get more information on the configuration procedure by clicking on the i-Symbol next to the download area.
During installation you will be asked for your username and password. In the username field, please enter your username followed by the realm of your home institution.
E.g. for the university of Hannover this would be:
for employees according to the format:
for students according to the format:
After a few moments you should be connected to the eduroam network.
Technical parameters in shortform
- Encryption: WPA2 (AES)
- Authentication: PEAP-MSCHAPv2
- Server certificate derived either from root certificate "T-Telesec Global Root Class 2" (for newer profiles) or "Deutsche Telekom Root CA 2" for older profiles (only valid until July 2019!)
- Common Name (CN) of the Radius-Server: "radius-dfn.rrzn.uni-hannover.de" or "radius-
- A WLAN module with WPA2 encription and the standards 802.11a/g/n or ac is required. An access via the older and unsafe WEP encryption is not possible.
- You can recognize the areas where the WiFi access is available based on the broadcasted SSID eduroam. The SSID is visible even if you have not configured the access.
- The access can be done with the same user name that is used for VPN access.
- Note: The username for eduroam is your LUH-ID with the extension "-W1uni-hannover.de", for example 123-ABC-W1uni-hannover.de
- The server certificate verification should definitely be enabled for security reasons. The
server certificate is derived either from the root certificate "T-Telesec Global Root Class 2" (for newer profiles) or "Deutsche Telekom Root CA 2" for older profiles (only valid until July 2019!)
- Please check the Common Name (CN) of the radius server at the first connection. The name must be "radius-dfn.luis.uni-hannover.de" or "radius-dfn.rrzn.uni-hannover.de". If you have not displayed one of these Common Names, you should abort the connection and contact us.
- This access is supported for Windows from XP SP1 and for MacOSX 10.3 without installing any additional software.
- For Linux you need the software xsupplicant or wpa_supplicant in any case. However, the Network Manager is already installed by default in many distributions. In this case the settings can be made via the graphical interface.