I have been trying for some time to get PEAP (Microsoft's Protected EAP method) to work with Mac OS X 10.3. Today It finally worked, and it boils down to this:
- Import the certificate for the root certificate authority (CA) that issued the certificate to your IAS box into your keychain. Make sure it goes into x509Anchors. If you have web enrollment enabled, you can go to that site and download it.
- In Internet Connect, select new 802.1x connection, enter the login ID (no domain) and password, then select the wireless network that's using PEAP.
- From the Configuration list, pull down and select Edit Configurations.
- On the sheet that pulls down, select PEAP and then configure and enter your domain and loginid (Domainloginid) in the box marked "Outer Identity."
- Save your changes and connect to the network. It should ask you if you really want to trust the certificate. Examine it and if you do, (and you really do...) say yes.
- If it dosn't connect the first time, try again and it should work.
This solution was tested using Mac OS X 10.3.4 connecting through a D-Link DI-624 setup to use WPA. The Domain Controllers were Windows 2003 in Native 2000 mode. The RADIUS server is a Windows 2003 server with IAS (Internet Authentication Service), and the Certificates were issued using Windows 2003 Certificate Services.