I see that in Cisco's propriety protocol called LEAP, which is based off a Microsoft protocol MS-CHAPv2( it's insecure obviously..anyways) LEAP has some of the same flaws to it, apparently it is susceptible to a "dictionary attack" if a user has a weak password, it will find that password using a tool called Asleap. That is why Cisco developed PEAP, anyways this is aside from the point. I have a summer job at a college in technical services, and my supervisor is trying to implement this. They just bought a $4000 RADIUS server from Cisco, and this is why he wants to use the LEAP protocol because he has already dumped a substantial amount of resources into it. Do you think this is still a secure protocol? Or, is there any alternate protocol that could be used with the RADIUS server, and not put much more dampening on the wallet? What about PEAP could this be used? I would like to know more first hand information, I can't find very much on google that explains how it works, its all about how to use tools to breach it's security or flaws..ect..ect.