A knowledge base article about Berkeley-IoT FAQ (Wi-Fi for Internet of Things Devices) provided by the UC Berkeley IT Service Hub - Knowledge Portal
The Berkeley-IoT Wi-Fi network provides service for Internet of Things (IoT) devices as well as any other devices that require a pre-shared key instead of a username and password. IoT provides Wi-Fi to devices that don’t support eduroam.
The Berkeley-IoT network provides the same network access as eduroam, our primary Wi-Fi network, to devices that do not support username and password based Wi-Fi networks. In general it should be used when a device is unable to join eduroam, but a detailed description of the UC Berkeley Wi-Fi networks and their users can be found on the Technology Wi-Fi information page.
Berkeley-IoT is available to everyone who uses eduroam: Faculty, staff, students, associates, and special purpose accounts (SPA)
Each Berkeley-IoT device uses an individual password. The passwords for your devices may be set to the same text, but each one is treated independently. This means that changing the password for a single Berkeley-IoT device will disconnect it from Berkeley-IoT within the following hour. To reconnect the device, enter your new password when prompted or use the management utility for that device to update the password.
Similar to the wired networks a VPN like GlobalProtect is required in addition to the network connection. Devices requiring access to, or transmission of, P3 and P4 data must use the bSecure Remote Access Service (GlobalProtect) in addition to Berkeley-IoT to ensure compliance with data protection requirements or have a security exception from the Information Security Office.
If a department requires devices connected to Berkeley-IoT Wi-Fi to access their P3 or P4 data please open an Other Data Networking Service TelCat Request to request a consultation.
Home Wi-Fi networks are designed to be as simple as possible for people to use: one password you share with your family and friends. Every device uses that one password to quickly and easily connect.
The Berkeley-IoT Wi-Fi network is an enterprise network that has been made simpler to use, but it is still an enterprise network that requires specific settings. Berkeley-IoT needs to verify individual devices instead of allowing everything and everyone to connect.
We've made it as easy as we can, but unfortunately, it can't be as easy as at home.
Yes, all devices using a users eduroam account, or registered using that eduroam account for Berkeley-IoT can discover each other within their area. See Wi-Fi Device Discovery on eduroam and Berkeley-IoT for more information.
The Berkeley-IoT Wi-Fi network uses the devices wireless MAC address to identify it on the network. This is how the passwords are mapped to devices. If private, random, or MAC security is enabled the device changes its MAC address every time it connects. Changing the MAC keeps Berkeley-IoT from being able to identify the device.
As of May, 2026, Berkeley-IoT devices are no longer required to have unique passwords. Users of Berkeley-IoT can use a single password for all of their devices, or one password for some and different passwords for others.
There isn't currently a way to change all of the passwords at once, so a user must do a password change on each device to make them use the same password.
Just like with eduroam, if your department, team, or lab has shared devices you can use a SPA, or Special Purpose Account, to manage access. This allows device accounts to be managed by more than one person and is better than having everything under an individual account. Learn more about SPA accounts on the CalNet website: calnet.berkeley.edu.
UPnP is something home networks do to make it easier for the internet to talk to your device. UPnP is needed for things like multiplayer games on PlayStation and XBox so the game systems can talk to each other over the internet. Enterprise networks like Berkeley-IoT do not support UPnP, but you can follow these steps to get your device working:
Please be aware that your device is now on the Internet without any protections, so be sure it's up to date and if it has a firewall it is enabled.
If you've changed your CalNet username the Wi-Fi system will view you as a new user with all of your devices still associated with your old username. Your devices will continue to work for some time like this, but you will be unable to modify (rename, delete, change settings) them in any way until they are reassigned to your new username.
If this is what you've run into please contact the service desk and ask for your Berkeley-IoT devices to be ported from your old username to your new username.
Yes, you can register your wireless MAC address in SocReg in the same way you register your wired MAC for dynamic DNS on the wired networks. Once your wireless MAC is registered and you select the dynamic DNS option it will start to work when your device connects (after a 20 to 30 minute wait for the change to register on the network).
Please note that the dynamic DNS entry is for your MAC address on that specific device and not associated with your eduroam account. This means if the device switches between eduroam and Berkeley-IoT it will still use the same DNS entry, also if a different user logs into eduroam it will continue to use the same DNS entry.
No. The eduroam Wi-Fi services uses many networks spread across all of the wireless infrastructure. A fixed DHCP address depends on your device being connected to the same network all of the time. With wireless your device can be assigned to a new network with every connection. Even if your device stays at the same location its network can change if it disconnects or roams between different access points.
UC Berkeley uses modern wireless access points installed in a pattern to support the population density and use of the different Campus locations. There are multiple generations of access points but all support 802.11ac or faster. Individual speeds can vary as it is highly dependent on the computer being used, the operating system and Wi-Fi drivers, and how busy it is (the number of applications running on it such as antivirus, web browsers, document editors). Two computers of the same make and model will see different speed test results if one is only running a standard web browser and another has antivirus, antispyware, word processing apps running and an add blocker in the browser.