it is not possible to let user select one of the MA method or fall back to different MFA method while connecting to VPN client using RADIUS based authentication.
After Primary authentication is successful, NPS extension for Azure Multi-Factor Authentication communicates with Azure Active Directory, retrieves the user's details, and performs the secondary authentication by using the preferred method that's configured by the user (cell phone call, text message, or mobile app).
I also understand your point on allowing user to select different MFA method in case primary MFA method is not available but this is current not supported/ available. when NPS extension is used for MFA.
Also, another use case will be based on Protocols used with RADIUS. Like in case of PAP with RADIUS user can set any one of the all available MFA methods as default ( Phone call, SMS, Mobile app notify, OTP from app or hard token ) , however, in case of other protocols like Mschap or EAP, only phone call and mobile app notification is supported. Now, in a use case where user has Phone call selected for office 365 MFA , fall back to SMS is possible on office 365 , however, the same cannot be used for VPN with Mschap/RADIUS as it only supports Phone call or mobile app notification.
But your point is valid it is not limited to your VPN solution. This is applicable on different VPN / RADIUS based solutions like RD Gateway or CISCO anyconnect client or even web based VPN.