Wireless network (WLAN)

A wireless network, WLAN (Wireless Local Area Network), is a way of sending and receiving data without using cables. We are currently building a campus wide WLAN at Lund University for employees and students.

Our plan is to have wireless access covering the entire campus by the middle of 2010. Here is our current map of the wireless coverage on campus.

The outside coverage on campus will be limited and focus on those areas where you can sit and work and the area from Lundagård to Chemical Center (Kemicentrum) and Lund University school of business and economics (Ekonomicentrum vid Lunds Universitet). Here is our map of targeted outside wireless coverage .

The Lund University wireless network is available as a web-login connection and as an encrypted connection using the 802.1x standard. Authentication for employees at Lund University is made using Lucat and for students using the STIL login information. Lucat-responsible at a department (who it is is stated on the department web-page ) can generate temporary personal Lucat-identities for occasional users.

Students from other universities and collages that have eduroam  can now access the wireless network at Lund University while on campus.

In the same way Lund University users can also log in at other universities and colleges in Europe or Asia (for Europe see this eduroam map ) using eduroam by connecting to network eduroam and adding @lu.se after their userid. All other settings are the same as for Lund Universities encrypted network (801.1X). It is convenient to use this setting also when on campus since then you don’t have to change your settings while traveling back and forth.

There is an iPhone app named eduroam companion that shows where eduroam is available. Soon an Android version will be available.

Through a collaboration between Lund University and the municipality of Lund eduroam is now accessible at all their libraries, the town hall, main square and most of the schools. A similar collaboration is going on with Region Skåne so eduroam is available at the Clinical Research Center (CRC) and also at hospitals in the region. Eventually eduroam will be available on many places, see this eduroam "advertising" film .

Instructions to set up an encrypted login (802.1x) to eduroam

In the instructions below the protocols used are TTLS+PAP. It is now also possible to use PEAP+MsChapv2. These latter protocols are normally supported without any need to download and install additional software. Users who are new or haven't changed password in the last years must change password  to use PEAP. And temporary users must currently use protocols TTLS+PAP.

Below are step-by-step instructions in English for several operating systems.

• For Windows XP 
• For Windows 7  
• For Ubuntu and Linux Gnome 
• For Mac OS X ver 10.5.4+ (Leopard)
• For Mac OS X Lion you must use this profile 
• For iPad, iPhone and iPod touch 

For other operating systems, first read general settings  where you can see what values to use for Lund University. A client must support either the protocols TTLS+PAP or PEAP+MsChapv2 to connect to LU. Some mobile phones with Symbian OS have PAP support. Mobile phones with Android OS can be used. Mobile phones with Windows Mobile OS should work, maybe installing SecureW2 is needed. For Blackberry these links may give a hint: Cambridge BB instructions and Oxford BB instructions .

If while logging in there pops up a question about a certificate, check (you may have to click on View certificate) that the name is either radius1.lu.se or radius2.lu.se and that the issuer is GTE CyberTrust Global Root. If so, make it trusted, else reject it.

Users of eduroam configured with a home-VLAN are placed in their department net, others are placed in net 130.235.224.0/20 (netmask 255.255.240.0) with addresses 130.235.224.21 - 130.235.239.252. However, users connecting via Lund municipality access points are always placed in net 130.235.254.0/23 with addresses 130.235.254.21 - 130.235.255.252. Users connecting via Region Skåne are always placed in net 130.235.174.0/23 with addresses 130.235.174.21 - 130.235.175.252.

Login instructions for WLAN web login

Connect to network LU weblogon (key: lu2012-1) with key lu2012-1 then follow instructions for Windows  and for Mac. In July 1st the key will be changed to lu2012-2, on January 1st 2013 to lu2011-1, etc.

You should not any longer get a certificate warning. If you do, either you have connected to a deceptive AP (don't use it!) or the root certificate is missing. To add root certificates in Windows run Windows Update and select Update Root Certificates. For mobiles you may need to download the AddTrust Root Certificate  and open and install it.

You are placed in net 194.47.208.0/20 (netmask 255.255.240.0) with addresses 194.47.208.21 - 194.47.223.251.

Login instructions when you have no username

Connect to network LundU_limited_access and then start a web browser. On the login page that appears use username/password guest/guest and then press Login.

This service is intended to be used if you have no account at Lund University and want to surf locally to find information. For security reasons, when using this service you can not send mail or go to any source outside Lund University.

If you do have an account (Stil or Lucat) you should use eduroam or LU weblogon instead.

You are placed in net 172.31.16.0/20 (netmask 255.255.240.0) with addresses 172.31.16.21 - 172.31.16.251.

Sending email

To send email while on the network, use the SMTP-gateway mail.lu.se to forward your email.

Error reporting

Try to first fix the problem yourself. Things to try:

• Several errors are repaired if you change password (it works just as well to "change" to the same password you already have): change password .
• Ensure that the Domain field is empty (often there is UW, remove that).
• Try to remove the profile for the network (SSID) giving trouble and then recreate it using the instructions above.

Use Service Desk phone nr 29000 for error reports. In addition to the error desription, the following info is almost always needed: Date and time, network name (SSID), Lucat/Stil-id and the wireless Ethernet adress (also named physical address or WiFi address, it has 12 digits or letters grouped using 5 characters "-" or ":"). Do this to find the address:

• For Windows: Start -> Run -> cmd, type "ipconfig /all", look for the line with Wireless in it that does not have State: Not Connected, then Physical address.
• For Mac: Select Apple -> System settings -> Network. Click on AirPort in the list to the left and then on Advanced. Select tab Ethernet. The Ethernet address is shown at Ethernet-ID.
• For iPhone: Settings -> General -> About -> WiFi Address.
• For Android: Settings -> About phone -> Status -> Wi-Fi MAC Address.

Rules

Regulations  for IT security at Lund University

Back