Wireless network on FI
The wireless network works on hardware that complies with IEEE 802.11a, 802.11g, 802.11n standards. Since the fall of 2019, the faculty's Wi-Fi infrastructure has been based on access points UniFi AP HD .
Eduroam ( EDUcation ROAMing ) is an international project supporting the mobility of users in academic networks. It allows users to connect to the networks of all participating organizations (especially wifi). In the case of radio overlap of multiple networks (belonging to different resource providers, with different IP subnets, etc.) with the same SSID, this SSID is set in the format "eduroam- [inst]", where [inst] is a well-understood abbreviation representing the organization name.
There is one Eduroam network provider in the FI building. ESSID eduroam covers the entire FI building. Communication between the computer and the wireless access point is secured using WPA / WPA2. The segment 188.8.131.52/22, resp. 2001: 718: 801: 22c :: / 64. Connected stations dynamically obtain their IP address via DHCP. Unlike wlan_fi, it is not necessary to activate your machine after connecting to the network.
Instructions how to connect to eduroam network .
To access this network, it is necessary to connect to the ESSID
wlan_fi . After assigning an IP address, only access to DNS servers and to is allowed from the station
https://fadmin.fi.muni.cz . An authorized user has the option to activate their machine using URL access
https://wifi.fi.muni.cz , where it must authenticate using the faculty login and faculty password. Access is limited to a maximum of a few hours.
An authorized user can also activate his machine using the captive portal, which redirects him to the login page, where it is necessary to authenticate using the faculty login and faculty password. Access is also limited in time to a maximum of a few hours. If the captive portal does not appear automatically, it is necessary to go to the browser and open an HTTP-only page, e.g. http://neverssl.com , and you will then be redirected to it.
Staff and doctoral students have the opportunity to create short-term accounts for guests or events.
Segment 184.108.40.206/24, resp. 2001: 718: 801: 22b :: / 64. Connected stations dynamically obtain their IP address via DHCP.
After activation, access to the Internet anywhere outside the FI network is allowed from the respective assigned IP address. From the point of view of the FI network, the connected computer is treated in the same way as any other computer outside the FI network. Therefore, all FI services that you can use should work, for example, if you are connected through another ISP. Conversely, some services will not work - for example, disk sharing via NFS and SMB (Windows).
The faculty firewall tests whether the activated computer is still active. If it does not respond to a ping (ICMP echo request) or ARP query for more than 5 minutes, the activation of the given IP address is canceled and the user must reactivate his address using the above URL.
Users must be aware that all communication between their computer and the wireless access point is eavesdropping, and even a potential attacker has the option under certain circumstances to take over their address and thus "hijack" existing connections. It is therefore recommended to use secure encrypted protocols (such as HTTPS, IMAPS, POP3S, and SSH) for both logon and data transmission.