This site requires JavaScript to be enabled
An updated version of this article is available

Encrypted Network Communication EPS Control for macOS with eduroam

KB0017275  -  v10.0 (Outdated)
1101 views

12.0 - Updated on 2025-03-03 by Peyton Armstrong

11.0 - Updated on 2024-10-16 by Darrick Bremner

10.0 - Updated on 2024-05-16 by Darrick Bremner

9.0 - Updated on 2024-05-03 by Peyton Armstrong

8.0 - Updated on 2024-05-03 by Darrick Bremner

7.0 - Updated on 2024-04-29 by Peyton Armstrong

6.0 - Updated on 2024-04-29 by Peyton Armstrong

5.0 - Updated on 2024-04-26 by Peyton Armstrong

4.0 - Updated on 2024-04-26 by Peyton Armstrong

3.0 - Updated on 2024-04-26 by Peyton Armstrong

2.0 - Updated on 2024-04-25 by Peyton Armstrong

1.0 - Authored on 2020-08-05 by Peyton Armstrong

This article provides instructions as a guide to join a participating institution’s eduroam network if you are using the eduroam device certificate deployed by your IT support unit.  All eduroam information and processes can also be found on the primary service page for eduroam at NC State. 

 

Table of Contents

 

 

Information

 

In order to build NCSU’s cybersecurity practices and adhere to policies, this process and continued use of the eduroam network enhances endpoint compliance for with RUL 08.00.18 – Endpoint Protection Standard requirements for use of encrypted networks on Macintosh laptops in the OIT Managed Desktop Service environment.

See EPS Security Controls

Requirements

The device must have been 1.) configured by your IT support staff to receive the eduroam trusted device-based secure certificates which will auto-enroll you into eduroam or 2.) must have been enrolled in eduroam by you on the NC State campus using your user credentials.  Consult your service desk or technical support for assistance with these registration processes if you are unsure if your device has been prepared to participate.

 

eduroam Device Certificate User Experience

Once your macOS computer receives the eduroam (Device) configuration profile from our Configuration Management System (CMS), and if Wi-Fi is enabled, your computer will automatically authenticate and connect to the eduroam wireless network if in range.  macOS provides a few different graphical ways to confirm you are connected and verify correct configurations if troubleshooting is required.  

 

Am I connected?  

System Preferences -> Profiles preference pane -> EDUROAM (Device) 

Note: The "EDUROAM (Device)" configuration must exist on your macOS computer in order to connect to the eduroam using the device-based profile.  If you do not see this configuration profile, please contact the helpdesk.

Make sure the wireless funnel has √ eduroam

Network preference pane showing the client connected to the network.

 

Configuration Information

System Preferences -> Network -> Advanced -> 802.1X

System Preferences -> Network -> Advanced -> Wi-Fi

 

FAQ

 

1.  Will it cause problems if I already enrolled myself in eduroam?  

No - If you are already enrolled in eduroam, no need to worry, the additional configuration profile on your macOS computer will not cause any issues.  Check out the screenshots below.

System Preferences -> Profiles (user-based eduroam configuration profile)

System Preferences -> Profiles (device-based eduroam configuration profile)

 

2. How do I know if I am connected using the user-based profile or the device-based profile? 

After the device-based eduroam profile is installed and the computer is restarted, your computer should connect to eduroam using the device-based profile.  The first two images let you know if the user-based profile is being used.  The last two images indicate your computer is connected with the device-based profile.

System Preferences -> Network (user-based eduroam configuration)

System Preferences -> Network -> Advanced -> 802.1X (user-based eduroam configuration)

System Preferences -> Network (device-based eduroam configuration)

System Preferences -> Network -> Advanced -> 802.1X (device-based eduroam configuration)

 

3. I see that i am connected to the user-based eduroam, and both configurations are installed.  How do I make it switch?

Restart your computer

 

Troubleshooting

As the end user, there are a few of things that you can do troubleshoot.

  1. Verify that you have the device-based eduroam profile and ensure your connection is based on that configuration.
  2. Toggle Wi-Fi off /on
  3. Restart your computer 

 

 

 

 

 

Escalation

 

Any questions on process or content contained in this document should be escalated through the NCSU Help desk and a have an incident assigned to the OIT_DESKTOP_SUPPORT team. 

 

 

Related Documentation

 

https://policies.ncsu.edu/rule/rul-08-00-18/#Encrypted_Network_Communication

https://policies.ncsu.edu/rule/rul-08-00-18/#security_controls

https://wifi.ncsu.edu/eduroam/

https://ncsu.service-now.com/sp?id=index

 

 

Title:  Encrypted Network Communication EPS Control for macOS with eduroam
Service:  Desktop and Mobile Device Support
Template if applicable:  NA
Assignment Group(s):  OIT_SUPPORT_SUPPORT
Document Owner:  OIT_SUPPORT_SUPPORT
Available Priorities:  All Priorities
Keywords:  apple, macos, eduroam, wireless, encrypted, network, wifi, wi-fi, WiFi, funnel, ssid, name, oitmds, managed desktop

Revised by Darrick Bremner
Last modified 2024-05-16 16:01:18