Extreme Access Control is capable of doing NTLMv2, however MsCHAPv2 authentication requires NTLMv1 in order to hash the password correctly.
Per the Extreme EAC help files:
These protocols do not work if the active directory domain server is set to only allow NTLMv2 authentication because these protocols do not use NTLMv2 and the hash passed to NAC Manager is rejected by the active directory server. Allowing only NTLMv2 authentication only works if NAC Manager proxies the 802.1x request to Microsoft IAS/NPS. Microsoft IAS/NPS allows this lower level of authentication because it is in a TLS session, which Microsoft believes makes it as secure as NTLMv2