While the first four use only username and password combinations for authentication, the EAP-PEAP algorithm utilizes the server's certificate for authentication, and EAP TLS authenticates both the client and server with certificates (for more information about certificates, refer to the 'Certificates' section of the OpenRG User Manual).
When a request is received from a client, a negotiation begins in which certificates are passed between the client and server, resolving in either acceptance or rejection.
In the 'EAP-TLS Authentication' section of the 'RADIUS Server' screen, you can select the certificate by which to validate wireless clients. Select "All Trusted CAs" to validate a client with any of OpenRG's trusted certificates, or choose a specific certificate from the list.
