PEAP, or Protected Extensible Authentication Protocol, is an authentication protocol that encapsulates EAP within an encrypted and authenticated Transport Layer Security (TLS) tunnel. When MS-CHAPv2 is used as the inner method, it provides a secure authentication environment that protects the exchange of credentials and supports mutual authentication. The Cisco Identity Services Engine (ISE) must be configured with PEAP to support RADIUS-Based Authentication with EAP MS-CHAPv2. References: Cisco Identity Services Engine Administrator Guide