Identity Based Wireless (ubcprivate)
"ubcprivate" is a the name of the UBC Identity Based Wireless Network. "ubcprivate" is the wireless extension of the Virtual Networks service and allows authorized users, when connected to the wireless network, to be placed directly into their department's own network and security domain. For more information, take a look at the Virtual Networks page.
So what does this mean for you? Say for example, your department operates the 10.10.10.* subnet. And on this subnet, your department has resources such as applications, servers, printers, etc. that are restricted only to that network. Previously, to access these resources, you would have to be physically in that building with your computer connected to one of the network jacks. Now, using "ubcprivate" Identity Based Wireless combined with Virtual Networks, you can be on a laptop or mobile device roaming anywhere on campus and be handed an IP address in the 10.10.10.* subnet, giving you the abilty to access your department's restricted resources as if you were physically there - you are "virtually" a part of your department's network.
- A departmental network that is Virtualized
- "ubcprivate" Identity Based Wireless will be an option when setting up a Virtualized Network
- CWL accounts assigned with a wireless departmental role
- CWL account administration will be provided to departmental or systems administrators
- A wireless device that supports WPA2 Enterprise/AES
- "ubcprivate" is setup in almost the same way as "ubcsecure"
The "ubcprivate" network supports WPA2 with AES encryption. A compatible wireless card with updated drivers and patches for your operating system may be required.
Since the "ubcprivate" network is similar to the "ubcsecure" network, you can adapt the more comprehensive "ubcsecure" documents to set up "ubcprivate" on your device (remember that your username will be in the cwluser.departmentid format for "ubcprivate").
Other Operating Systems or to use Manufacturer's Wireless Utilities
There are a variety of wireless enabled devices that might be able to use WPA2 but do not use the above operating systems. Additionally, some people prefer to use the wireless management utility provided by their manufacturer. Since we cannot cover every instance, the basic information you may need for the "ubcprivate" network are:
- Network/SSID: ubcprivate (you may have to manually type this in)
- Username: cwl.departmentid
- Network Authentication Method: WPA2 (also sometimes called WPA2-PEAP, WPA2-RADIUS, or WPA2-Enterprise)
- Data Encryption Method: AES (WPA2)
- EAP Type: PEAP
- Authentication Protocol: MS-CHAP-V2
- Certificate Server: secure.wireless.ubc.ca (if there is a mutual authentication option)
Frequently Asked Questions (FAQ)
I set up my computer or device to connect to "ubcprivate" but it refuses to connect. What do I need to do?
"ubcprivate" requires that your department upgrade their network to a Virtualized Network and request Identity Based Wireless as part of the Virtual Network setup process. After this is done, your departmental or systems administrator will:
- assign special departmental CWL roles to their users
- provide the users with the CWL departmental ID
- assist in setting up their users' devices to connect to "ubcprivate"
Why would I use "ubcprivate" departmental groups instead of the UBC VPN service with departmental groups?
Although both services provide similar solutions to connecting to a departmental network, "ubcprivate" is the preferred choice because:
- Your laptop or mobile device will be automatically and immediately placed in the departmental pool once it is logged in and authenticated to the wireless network. No need to do the extra step of connecting to the VPN service.
- Most, but not all, devices (especially many mobile devices) can use the VPN service - support for WPA2 Enterpise is more common.
- The VPN service cannot scale up to support more than a few thousand of users, whereas the UBC wireless network can support tens of thousands of users.
- By having a direct network connection through the "ubcprivate" wireless network and not proxying your network connection through the VPN servers, you will potentially have a faster connection with less latency.