For "Data encryption", select "Temporal Key Integrity Protocol" i.e. However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP).

AES is optional in WPA; in WPA2 both AES is mandatory, BUT TKIP is optional.

This whole window is a very important security feature because Wireless LAN to be locked by your Certificate Authority and not anyone else's.

"Machine Authentication" is needed to recreate the full "Wired" experience.

In order for "Machine Authentication" to work, PEAP only requires that a Computer is joined to the domain.

If using OS X, sometimes it can take up to 10 seconds for authentication to complete.

This can occur if the if the RADIUS certificate, or any certificate in the chain, is configured or CRL or OCSP.

Note that TKIP is not directly comparable to AES; TKIP is an integrity check, AES is an encryption algorithm.

In the context of wireless security this actually means TKIP vs. TKIP is a lower end encryption protocol (WEP2) and AES is a higher end (WPA2/802.11i) encryption protocol.

In first phase the client authenticates the server using a TLS -Transport Layer Security, certificate-based mechanism.

This establishes an encrypted tunnel through which the second-phase PEAP credentials may be securely exchanged.

The computer will use its "Computer Password"to log on to the network.