Sir,
Please see the diagram here: http://deployingradius.com/documents/protocols/compatibility.html
Unless the passwords in Lotus Domino are encrypted using ClearText or NT_Hash algorithm, you cannot do MsChapV2. Please find out what the encryption is, to determine an alternative based on the chart.
The bad news is if Lotus Domino does not support either ClearText or NT_Hash, you will have to install a supplicant on your windows clients to support a different EAP type if you still want to point at the Domino server using LDAP to do encryption.
As an alternative, if your clients login to a domain, you should add your ClearPass Server to that Windows domain and then set it up as an Active Directory Authentication Source http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-Add-Clear-Pass-to-Domain/ta-p/187614 install a Windows radius server and have your clients authenticate to that, instead of pointing at the Lotus Domino server for authentication: http://community.arubanetworks.com/t5/Community-Tribal-Knowledge-Base/Step-by-Step-How-to-Configure-Microsoft-NPS-2008-Radius-Server/ta-p/80672 You will be able to support MsChapV2 with the built-in Windows Supplicant in that setup. It takes more effort on the server side than just pointing to the Domino server via LDAP, but you will not have to install additional software on your Windows clients, so it is preferred.