Hi,
If you can't get any IP communication it does sound like you are not authenticating correctly.
Is your AP running IOS, if so telnet on to it and look for assocatiations "show dot1 association".
This will show you which clients have associated with your AP and which state they are in.
Also do a debug aaa authentication on the AP and reauthenticate from your client, look for successful authentication messages
Check the logs on the IAS server for any authentication messages.
Its more then likely an issue with your certificates, I haven't used IAS before, however ACS normally displays EAP-TLS type errors when there is a cert problem.
One other thing, remember to put a helper address on the AP under your BVI1 interface?
HTH
Paddy