Hi!
I can see you have enabled "Termination" in your IAP configuration. This means that the IAP cluster will try to terminate the EAP tunnel instead of the RADIUS server and this means you have to have your trusted certificates put on the access points and configured aswell. Is this the way you want it?
If you want the EAP to terminate on the RADIUS server and use the certificate there, disable termination in the IAP settings.
Make sure that the IAPs IP-addresses are configured as RADIUS clients on the NPS with the same shared secret as you put in the IAP.
I think I see the checkbox with validate server certificate checked on your client side configuration, this is good but for troubleshooting purposes you can try to uncheck that and see if it works then. If so, you know that your clients doesn´t trust the server certificate of the RADIUS server so that´s the problem you need to fix and then turn the checkbox for validate server certificate back on.
If this still doesn´t work, try checking the event viewer logs in the NPS if you see any requests coming in, and if so, it can reveal why it isn´t accepting your requests. If you don´t see any requests you might want to check for any blocks in filtering points along the way from the IAP cluster to your NPS server.
Good luck!
Cheers,