By joining eduroam you extend the network to visitors at your institution without adding any additional maintenance responsibilities to your IT staff. Moreover, by extending the network, you help to guarantee access to your own students and faculty while they are abroad.

How can the eduroam-TT team help you?

Planning and implementing an eduroam deployment: The eduroam-TT team can help determine your institution's requirements for an eduroam deployment. Moreover, we can provide you with sample configurations for common RADIUS servers, if you plan on running your own, and help you integrate that RADIUS server with your institution's directory-service and the eduroam confederation as a whole.

Support for your institution's eduroam deployment and a supported top-level infrastructure: After eduroam is deployed at a given institution, we can provide support in the event of any incidents or interruptions of service. As the service matures the TTRENT team intends to develop monitoring and support tools to aid eduroam administrators in analyzing the performance and stability of the network as a whole. These tools will be available to the community as a whole and made open-source in an effort to allow community contribution and enhancement to adapt to the needs of the users.

How do I join?

Within Trinidad and Tobago member institutions of TTRENT can join eduroam. There are a number of requirements which must be met by each site, and information must be exchanged to enable integration into the eduroam infrastructure.

Minimal Requirements

The minimal requirements for a site wishing to join eduroam depend on whether that site plans to be a Service Provider (SP) site or an Identity Provider (IdP) site, or indeed both. It is hoped that sites will choose to act as both a SP and a IdP.

To join eduroam an institution must satisfy all of the relevant following requirements, some of which apply to only one of the services SP and IdP, and some of which apply to both, as indicated:

Requirement SP Idp
Agree to conform to, and sign the TTRENT policy
A local Radius server which may be configured to communicate with the national eduroam Radius gateways (FLR's).
Integration between the above institution Radius server and the institution user database.
A local wireless LAN service with the following features:
  • 802.1X enabled
  • Broadcasts an SSID of eduroam
  • Enforces encryption of level WPA2/AES
A publicly accessible web page on the institution's website which details the eduroam service provided, including information on whether eduroam user traffic is filtered, whether NAT is applied, etc.

For further information, please contact TTRENT at

Integration into the eduroam infrastructure

Once the above requirements have been met, an institution is integrated into the eduroam infrastructure by configuring a Radius server at their local site to communicate with the Federated Level Radius server (FLR). This requires that information on IP addresses, port numbers, and shared key/secret be exchanged and set accordingly at both sides.

Where a site is to act as an IdP it must also provide it’s unique realm so that authentication requests for users within that realm may be routed to the appropriate site. Within eduroam the convention is that the realm matches the site's primary domain name e.g. is the realm for TTRENT.