Eduroam
In order to implement the security level in FBK, we do not recommend users to connect directly to the network "Eduroam" and authenticate by entering their FBK credentials and the domain "@fbkeduroam.it".
- Username: [email protected]
- Password: FBK password
Although this approach allows the user to connect, it exposes him to security risks and possible attacks.
The preferred approach is as follows:
- Delete the previous eduroam connection if it has already been configured
- Connect to the Eduroam CAT https://cat.eduroam.org/
(accessible for configuration also from the WiFi Guests network, without the need to authenticate)
- Select "Click here to download your eduroam installer"
- Select the Organisation "Fondazione Bruno Kessler"
- Choose the user group "FbkEduroam"
- Click on "eduroam"
TIP: For more information click the "i" button next to the "eduroam" button
The procedure differs depending on the operating system used:
A - Computer:
Windows: The downloaded file is a simple executable, just run the program.
Note: For proper operation, it is recommended to update to the latest supported version
Ubuntu e NetworkManager: The downloaded file is a python script, just open a terminal and write "python3 <path-file-downloaded>"
macOS: The downloaded file is a configuration profile, just click twice on the file
B - Mobile devices:
Android:
- versions over 11: You must install the geteduroam app from the Play Store (https://play.google.com/store/apps/detailsːid=app.eduroam.geteduroam&hl=en&gl=US&pli=1)
- versions lower than 11: You must install the eduroam XML file
iOS/iPadOs: The downloaded file is a configuration profile; to configure it, once installed, just go to settings. You can find the guide here.
Chrome OS: The installer is a file with the extension '.onc. To import it open Chrome and go to the chrome://network URL. Then use the "Import ONC files" button. The import is silent; the new network definitions will be added to your favorite networks.
The Certificate (available at this link yet) is automatically loaded by the application.
Fbk-Guests
The unprotected Guests network is designed for navigation only: infact, the devices connected to it do not communicate with each other and connections via Meet, Teams and Zoom may present difficulties and insufficient performance.
To adapt the FBK WiFi network to the latest security standards, an update of its functioning is underway and it has included a series of changes.
The following are the steps to finalize authentication with the new network, hereinafter referred to as FBK-Guests.
Click on the Wifi connection symbol at the bottom right of your desktop, select FBK-Guests and click Connect.
NB: Please note that this network is open, so pay special attention to the information shared, as it could be intercepted by potential malicious actors.
2. The browser opens to the main screen:
As you can see, network authentication requires to have an email address (click on Register - instructions at point 3) or a verified personal Google profile (Sign-in with Google - instructions below).
With the second method, after clicking on Sign-in with Google, you choose your email and by clicking on Continue you are automatically authenticated.
If you use fbk.eu on an unauthenticated browser, you will be asked the additional MFA multi factor authentication.
3. To register with the first method, enter your e-mail, select the Checkbox (after reading the Terms and Conditions in the link) and click on Register.
NB: On the new FBK-Guests network you will no longer be able to use institutional FBK credentials. It will still be possible to register with any email address, including FBK's, or to use the sign-in with Google.
4. At this point the registration email has been entered in the system as Inactive.
To activate it, you must verify it by entering the code sent to the chosen address.
Then access the mailbox, select and copy the code:
Return to the authentication screen and paste the code into Verification code, then click on Verify e-mail address:
At this point the email in the system becomes Active with the expiration date at midnight of the current day, as provided by the configuration.
5. If the process has been successful you will receive in your mailbox from [email protected] the following welcome e-mail:
NB: The password related to the process is only used if you disconnect and reconnect at another time or from another device, always within the validity period.
If you are always logged in, the verification of the e-mail is valid as sign-in to the system and no need to enter anything else.
6. You are now successfully connected to the selected FBK-Guests network. The connection will be valid until midnight of the current day and for up to two devices simultaneously per user.
As specified in the Terms and Conditions, the use of the Service is strictly personal and the User agrees not to allow its use in any way to third parties. The User will be liable for any damage resulting from the use of his credentials by others.
On the other hand, the Bruno Kessler Foundation only identifies the e-mail address of the User, in no way associated with the owner’s personal data, and keeps an electronic register with absolute confidentiality character, which monitors the operation of the Service.
7. At the end of the configured access period, the user returns to Inactive mode and if he tries to use the password received in the welcome email he receives the error Account Expired.
To reconnect, the user must restart from step 1.
NOTES:
- If the user does not receive the verification and/or confirmation email, he must check his Spam folder and mark it as
"not Spam"; - If the user does not complete the verification part, he never becomes active. The verification works only if he is connected to the FBK Guests network;
- The connection time starts from the moment the registration has been verified, until midnight, and does not renew; verification code and welcome email password are therefore valid only for the day in which the registration was made;
- To reconnect after the deadline, the user must re-register from the beginning, entering the verification code and then receiving the confirmation via a new welcome email;
- If the user enters an incorrect email or password in the initial sign-in, he is refused
- A user can be deleted at any time by an authorized operator, in case of violation of the terms of use.