You probably won't find documentation on this scenario from a Tableau perspective as it arguably isn't a "Tableau issue": It's more a networking / web application / DMZ question.
Re-phrased, your question might be "Can I allow access to a Web Server (instead of Tableau) via VPN and externally via the Web?" You can probably find a better answer to this re-phrased question on the web than I'm about to give...but I'll give it a whirl anyway....
The brief answer: Yeah, probably!
A well thought out answer would address whether you should do this assuming you can. Normally, any sort of web application that is internet-facing will sit out in a DMZ to keep it outside your company's firewall. Users who want to access this server through the VPN would therefore need to come in through your corporate network and then back out through your firewall and into the DMZ to talk to the server. Most networking guys won't want to allow this. It's messy.
...which leaves you with having to try other solutions like putting a reverse proxy in your DMZ that forwards requests through your firewall to Tableau sitting inside corpnet.
So, it CAN be done - but it's complicated because you're trying to do something most networking guys aren't exactly keen to try. They want to keep "external" and "internal" resources as distinct and separated as possible. Your proposal does the opposite.
Clear as mud?
You'll probably need to set up what's known as a reverse proxy. As Russell says though, this is network configuration, not anything to do with Tableau per se.