UCLA Linux User Group. Free as in Freedom.

UCLA Network Guide

Posted at — Apr 3, 2024

Eduroam is an international roaming service for students, based on WPA2 Enterprise. Along with UCLA_WEB, it is a highly available network on campus.

Connecting to eduroam

NetworkManager fully supports WPA2. The simplest way to connect is to use a graphical frontend for NetworkManager. A minimalist option is to install nm-applet and nm-connection-editor, then fill in the following settings:

| Setting | Value |
| --- | --- |
| Security | WPA & WPA2 Enterprise |
| Authentication | Protected EAP (PEAP) |
| PEAP version | Automatic |
| Inner authentication | MSCHAPv2 |
| Username | *USERNAME*@ucla.edu |
| Password | your UCLA password |

Note that setting “Do not require CA certificate” can be a security risk: without a CA certificate, your device cannot verify that it is talking to the real network, so an attacker impersonating UCLA eduroam can steal your UCLA credentials. For added security, follow the guide on UCLA KB, and manually check the certificate:

Certificate Serial Number: 00 9F 1E 08 E5 C2 D9 F5 1D FC 52 66 9C 40 48 5D 90
SHA-256 Fingerprint of the Key: D8 62 DB 03 27 45 D1 AC 2E 36 0F 47 CA 9F 98 87 8F 30 6D A1 A5 31 AD 16 67 01 87 99 45 0D A0 D4
SHA1 Fingerprint of the Key: A3 11 21 86 DB 31 24 B2 56 0D 8F FB 86 47 C9 0A 8F 36 5D 78
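
The manual check can be scripted. The following is an added example, not part of the original guide or any UCLA tooling: it assumes the certificate has been saved as a PEM file, that `openssl` is installed, and that the published fingerprints are certificate fingerprints as printed by `openssl x509 -fingerprint`; the function names are illustrative.

```shell
#!/bin/sh
# Added example: compare a saved certificate against the values in this guide.
# Assumption: the guide's fingerprints are certificate fingerprints in the
# form `openssl x509 -fingerprint` reports them.

# Values copied from the guide above.
PIN_SERIAL='00 9F 1E 08 E5 C2 D9 F5 1D FC 52 66 9C 40 48 5D 90'
PIN_SHA256='D8 62 DB 03 27 45 D1 AC 2E 36 0F 47 CA 9F 98 87 8F 30 6D A1 A5 31 AD 16 67 01 87 99 45 0D A0 D4'
PIN_SHA1='A3 11 21 86 DB 31 24 B2 56 0D 8F FB 86 47 C9 0A 8F 36 5D 78'

# Drop any "label=" prefix (openssl prints e.g. "sha256 Fingerprint=..."),
# then keep only the hex digits, upper-cased.
norm_hex() {
    printf '%s' "${1#*=}" | tr -d -c '0-9A-Fa-f' | tr 'a-f' 'A-F'
}

# Fingerprints match when their hex digits match, whatever the separators.
same_fp() {
    [ -n "$(norm_hex "$1")" ] && [ "$(norm_hex "$1")" = "$(norm_hex "$2")" ]
}

# Serial numbers are integers: some tools show a leading 00 padding byte
# ("00 9F ...") while openssl prints only the magnitude ("9F...").
same_serial() {
    a=$(norm_hex "$1" | sed 's/^0*//')
    b=$(norm_hex "$2" | sed 's/^0*//')
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# check_cert FILE: status 0 only if serial, SHA-256 and SHA-1 all match;
# status 2 if openssl cannot read the file.
check_cert() {
    serial=$(openssl x509 -in "$1" -noout -serial) || return 2
    fp256=$(openssl x509 -in "$1" -noout -fingerprint -sha256) || return 2
    fp1=$(openssl x509 -in "$1" -noout -fingerprint -sha1) || return 2
    same_serial "$serial" "$PIN_SERIAL" &&
        same_fp "$fp256" "$PIN_SHA256" &&
        same_fp "$fp1" "$PIN_SHA1"
}
```

Call `check_cert /path/to/saved-cert.pem` (the path is a placeholder); a non-zero status means at least one value differs and the certificate should not be trusted.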

For more information, see UCLA IT page, and for a more advanced setup, see the Arch Wiki.

For other networks (like UCLA_SECURE_RES), opening http://nmcheck.gnome.org/ in a browser should bring up the “Accept terms and conditions” page.

Connecting to UCLA VPN

The UCLA VPN allows you to access campus resources even when you are away from campus. This is useful for downloading scientific journals, for example.

Open nm-connection-editor or a NetworkManager frontend from your desktop environment, and add a Cisco AnyConnect VPN connection with the following settings:

| Setting | Value |
| --- | --- |
| VPN Protocol | Cisco AnyConnect or OpenConnect |
| Gateway | ssl.vpn.ucla.edu |
| User Agent | AnyConnect Linux_64 4.10.07061 |
| CA certificate | None |

The same note about the security risk applies when you set CA certificate to none. After adding the VPN entry, launch nm-applet, connect to the VPN, and enter the following:

username: USERNAME
password: YOUR_PASSWORD/DUO_OTP

Note that after typing your password, you should append a forward slash followed by the two-factor authentication code from your DUO OTP.