http://www.cisco.com/warp/public/779/smbiz/wireless/wlan_security.shtml
http://www.cisco.com/en/US/partner/products/hw/wireless/ps458/prod_bulletin09186a0080100194.html
http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/products_qanda_item09186a008010018c.shtml
PEAP is hybrid process ( combination of leap and eap tls )
To download server side certificate on ACS you can use eap tls doc.
Depending on AP use either of following doc
http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch8.htm
http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/i1224ja/i1224icg/ivicgaut.htm
You have to careful while selecting the client supplicant , you can choose Cisco peap supplicant or Microsoft peap supplicant
You can have Microsoft peap supplicant or Cisco Peap supplicant .
If you have windows 2000 OS , than if you load service pack3 , Microsoft peap supplicant is installed . On top of this if you install ACU 5.05 microsoft supplicant wil be overwritten by Cisco supplicant .
In case of XP , if you install service pack 1 , it will install microsoft peap supplicant , if you install ACU 5.05 it will be overwriteen by Cisco Peap supplicant .
Microsoft peap supplicant send eap-Chap in EAP tunnel and Cisco support EAP-GTC in eap tunnel .
with non cisco card it depends on which radius server and database you are running .
At present ACS 3.1 supports EAP-GTC so it will not interoperate with Microsoft supllicant . In later release ACS will have support for EAP-Chap so
that you can use 3rd party card with Microsoft supplicant and ACS3.2
http://www.cisco.com/warp/public/779/smbiz/wireless/wlan_security.shtml
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a008014626b.html