PEAP provides more security in authentication for 802.11 wireless local area networks that support 802.1X port access control.PEAP authentication is managed between the PEAP supplicant and the authentication server (Radius).
The parameters used by the client in negotiating PEAP authentication are configured through the Windows Device Manager properties.
PEAP is based on server side EAP-TLS authentication.
With PEAP many organizations can avoid the issues associated with installing digital certificates on every client device as required by EAP-TLS; instead, they can select the methods of client authentication, such as logon passwords or OTPs that best suit their corporate needs.
Also PEAP is an enhancement of EAP-TLS authentication, PEAP encapsulates a second-phase authentication transaction within the TLS framework.
Note:- If you do not check Validate server certificate, user credentials are not protected by the EAP server certificate.