Tryiin to disable TLS 1.0 for server hardening on NPS server with 802.1 Certificate based W-LAN - PEAP-MSCHAP TLS1.0. It looks like Windows server PEAP-MSchap2 still does not support TLS 1.0 which is not supposed to be enabled in any server at this day and age. Is there a workaroud, currently I am using it on Windows 2012 R2 and planning to migrate NPS role to Windows 2019, if it is not supported then I will have to look for another vendor based radius auth instead of exposing TLS 1.0 to drop our security score