to Homepage
You are located in service Wi-Fi at RWTH Aachen
General information
IT Center Help

You are located in service: Wi-Fi at RWTH Aachen

eduroam for Windows
Print page

eduroam for Windows

guide

This page describes how to connect your Windows device to eduroam.

 
Before you configure your device, you must generate login credentials.

Following methods can be used to connect your device to eduroam (or RWTH-institutes):

Configuration with the eduroam Configuration Assistant Tool (CAT)

Please note
You will need an internet connection for this configuration. If you are currently at RWTH, you can use RWTH-guests.

Step 1
Visit the eduroam Configuration Assistant Tool (CAT) webpage on your device.

Step 2
Click on the button Click here to download your eduroam installer.

Screenshot of the CAT website. The button is located under "Connect your device to eduroam".

Step 3
Under "Select your Organisation", click RWTH Aachen University.

Screenshot of the CAT website. The institutions are listed by distance under "Organization".

Step 4
Click the eduroam button. The "eduroam-W10-RAU.exe" file will be downloaded to your device.

Screenshot of the CAT website. The eduroam button can be found under "Download your installer".

Step 5
Open the file to start the installer.

Step 6
Click Yes.

Screenshot of the pop-up window "User Account Control". The application you have to allow is called "eduroam installer for RWTH Aachen University". The verified publisher is "SURF B.V.".

Step 7
Click Next.

Screenshot of the eduroam installer. The "Next" button is located below a short text.

Step 8
Click OK.

Screenshot of a pop-up window in the installer. The message reads "This installer will only work properly if you are a member of RWTH Aachen University".

Step 9
Click No.

Screenshot of a pop-up window in the installation program. The message reads "Do you want to enable access on wired interface?"

Step 10
Enter your previously generated eduroam login credentials under "Username" and "Password".

Step 11
Click Install.

Screenshot of the installer. Under "User credentials" you have to enter your username (ends with @rwth.edufi.de), your password and repeat your password. Below that is the "Install" button.

Step 12
Click Yes, to confirm that you want to install a root certificate which is not part of your operating system. The Radius Certificate at the RWTH is issued by the DFN-Verein Community PKI.

Screenshot of a security warning. A text indicates which certificate is being downloaded. Here: DFN-Verein Community Root CA 2022. The "Yes" button is under the text.

Step 13
Click Finish.

Screenshot of the installer. After successful installation, the "Installation complete" window appears. The "Finish" button is located below the text.

Your device is now configured. You can log in to eduroam.

Manual Configuration

You can use this method to connect to RWTH-institutes.

We recommend that you use the CAT app to configure eduroam. If this does not work, you can set up eduroam as described below. In this case, you must select eduroam instead of RWTH-institutes.

Step 1
Switch on your Wi-Fi.

Step 2
Select RWTH-institutes from the list of available networks.

Step 3
Tick the box next to "Connect automatically".

Step 4
Click Connect.

Screenshot of the list of available networks. RWTH-institutes is selected. Under RWTH-institutes you will find the “Connect automatically” checkbox and the “Connect” button.

Step 5
Enter your previously generated eduroam login credentials.

Step 6
Click OK.

Screenshot of the list of available networks. RWTH-institutes is selected. Below it you can enter your login credentials. The user name ends with @rwth.edufi.de. The OK and Cancel buttons are located below the login form.

Please note:
If a Windows Security pop-up appears, please delete your Wi-Fi profile before proceeding.

Step 7
When connecting for the first time you need to manually verify that your credentials are sent to the correct radius server (i.e. the one at the RWTH). To do this, click on Show Certificate Details and compare the numbers displayed with the SHA1 fingerprint under Radius Certificate DFN-Verein Community PKI. It is best to establish your first connection within an RWTH building. To ensure that you are connecting to a trusted RWTH network, the data must match.

Screenshot of the list of available networks. RWTH-institutes is selected. Below it is a short text and the link Show certificate details.

Step 8
Click Connect.

Screenshot of the list of available networks. Below RWTH-institutes appears the SHA1 fingerprint. Under it are two buttons: Connect and cancel

Step 9 and 10

Since the DFN-Verein Community Root Certificate is not included in the certificate store of any operating system, you must import it manually. This certificate was chosen because of its long validity period.

Download and save the "DFN-Verein Community Root CA 2022" certificate.

Step 11
Double-click on the file.

Screenshot of the file in the download folder. Its name is "dfn-verein_community_root_ca_2022.crt."

Step 12
The "Certificate" window will open. Click Install Certificate.

Screenshot of the "Certificate" window. It shows the "General" tab. Under the certificate information, you will find the “Install certificate” button

Step 13
The Certificate Import Wizard opens. Select Current user as the storage location and click Next.

Screenshot of the certificate import wizard. You can select the storage location under the welcome text.

Step 14
Select Place all certificates in the following store and click Browse.

Screenshot of the Certificate Import Wizard. You can choose to either let Windows automatically select a certificate store or select one manually. The "Browse" button is located under that option.

Step 15
Select Trusted Root Certification Authorities and click OK.

Screenshot of the "Select Certificate Store" pop-up window. "Trusted Root Certification Authorities" is the second folder in the list.

Step 16
Click Next.

Screenshot of the certificate import wizard. "Trusted Root Certification Authorities" is now displayed under "Certificate Store."

Step 17
Click Finish.

Screenshot of the certificate import wizard. The selected settings are displayed. The "Finish" button is below.

Step 18
Click Yes.

Screenshot of the "Security Warning" pop-up window. The text mentions that the "DFN-Verein Community Root CA 2022" certificate will be installed. The "Yes" button is below the text.

Step 19
Click OK.

Screenshot of the “Certificate Import Wizard.” The text reads: "The import was successful."

Step 20
Click OK. The certificate is now installed.

Screenshot of the "Certificate" window. It shows the "General" tab. The "OK" button is located below the "Install Certificate" button.

Optional
To check if the certificate is installed, use Windows Key + R to open the run dialogue and enter "certmgr.msc" in the dialogue field. Click "OK" to open the Certificate Manager. In the "Trusted Root Certification Authorities" → "Certificates" folder, you will find DFN-Verein Community Root CA 2022 if the installation worked correctly.

Screenshot of the "Trusted Root Certification Authorities" tab. The root certification authorities are listed alphabetically in a table.

Step 21
In the Windows taskbar, search for “Control Panel” and click on View network status and tasks under "Network and Internet".

Step 22
Click WLAN (RWTH-institutes).

Screenshot of the Network and Sharing Center. RWTH-institutes can be found in the "View your active networks" section, next to "Connections."

Step 23
Click Wireless Properties.

Screenshot of the WLAN status window. The Wireless Properties button is located under Connection, after the Signal Quality details and the Details button.

Step 24
Click on the Security tab at the top of the page.

Step 25
Ensure that the following settings are selected:

  • Security type: WPA3-Enterprise
    • This option is not supported in all RWTH buildings, as it depends on what kind of hardware is currently installed. If the connection does not work with WPA3-Enterprise, please use WPA2-Enterprise.
  • Encryption type: AES
  • Network authentication method: Microsoft EAP-TTLS

Step 26
Click Settings.

Screenshot of the Security tab. The “Settings” button is located after the “Choose a network authentication method” drop-down menu.

Step 27
Set the following configuration settings:

  1. Tick the checkbox next to Enable identity privacy.
  2. In the field below, enter: anonymous@rwth.edufi.de or anonymous<-currentdate>@rwth.edufi.de or anything that ends in @rwth.edufi.de
  3. Under"Connect to these servers", enter: radius.rz.rwth-aachen.de;radius1.rz.rwth-aachen.de;radius2.rz.rwth-aachen.de;radius3.rz.rwth-aachen.de
  4. Under "Trusted Root Certification Authorities", tick the checkbox for "DFN-Verein Community Root CA 2022"
  5. Under "Client authentication", select Select an EAP method for authentication.
  6. From the drop-down menu below it, select Microsoft: Secured password (EAP-MSCHAP v2).

Step 28
Click OK.

 

Step 29
You are now back on the "Security" tab. Click Advanced Settings.

Screenshot of the "Security" tab. Advanced settings is the next button after the Settings button that you selected in step 26.

Step 30
Tick the checkbox next to"Specify authentication mode".

Step 31
Select User Authentication from the drop-down menu underneath.

Step 32
Click Save credentials.

Screenshot of the advanced settings, 802.1X settings tab. Steps 30 to 32 are the first 3 items on the tab.

Step 33
Enter your eduroam login credentials again.

Step 34
Click OK.

Screenshot of the "Save Credentials" pop-up window.

Step 35
You are now back to the "Security" tab. Click OK.

Screenshot of the "Security" tab. The "OK" button is located under "Advanced settings."

Step 36
Connect to RWTH-institutes again.

Your device is now configured and should be connected to RWTH-institutes.

You may have to enter your username and password again.

 

Additional Information

last changed on 11/12/2025

How did this content help you?

Creative Commons Lizenzvertrag
This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License
Chat