What is the difference between EAP-TLS and PEAP?
Long story short - we use certificates to authenticate wireless clients - they have to members of AD, and we use computer/machine certs/auth for this setup and it works great.
The EAP method we use here for Windows is PEAP with MSCHAPv2.
We recently added Apple macbooks to this mix, and it also works great, but only if we use EAP-TLS.
(When you look at the connection profile for the Mac, in Screenshot #1, you wont see EAP-TLS, instead you see "Smart Card or Other Cert" once I added that, the connection started working, and Apple OS X reports its using EAP-TLS
It took me awhile to figure it out, and I only got it working after I added "Smart Card or other Certificate" in addition to PEAP for the EAP method on our Network Policy Server -
screenshot # 1 ( We have a separate policy for Windows clients, see second screen shot)
How come I need this extra bit for the macs to get on the RADIUS with machine auth?
What is the major difference between these two methods?