EAP-MSCHAPv2 is a password-based authentication method that integrates the Microsoft Challenge Handshake Authentication Protocol version 2 into the EAP framework. 

PEAP (Protected EAP) creates a secure TLS tunnel before the MSCHAPv2 exchange happens, protecting your credentials from eavesdropping and offline dictionary attacks.

To enable PEAP, you will need a valid SSL certificate.  You can either register for a new one or you can use an existing one, for example, the one you use to protect your DualShield Service Consoles.