I did read in different blogs people are confused between authentication open eap <eap-name> and authentication network-eap <eap-name>
Before to explain this I am going to show by an example how this is configure:
AP1# configure terminal
AP1(config)#dot11 ssid Test-ssid
AP1(config-ssid)#authentication open eap eap_methods
AP1(config-ssid )#authentication network-eap eap_methods
AP1(config-ssid )#authentication key management wpa version 2
Authentication network-eap: Allow LEAP authentication, the EAP profile will determine which method should be used.
This option was developped for Aironet/CCX product to negociate LEAP authentocation during the initial 802.11 authentication. this is recommended if the client is a Cisco Aironet device.
Authentication open eap: Allow open + EAP authentication (EFAST ot other EAP Methods)
It used to perform any other EAP Method (other thane LEAP) when using root AP/Bridge.