@UCcert I think @FlyingDutchman wants to use their internal DNS for internal servers, but not for the VoIP server. However they have a DNS entry for the VoIP server on their internal servers that points to a suboptimal IP address.
Therefore the only options I can think of are:
Remove internal entry for VoIP server and use public expressway for all connections
Allow remote users to connect to VoIP server via existing MPLS route
Maintain a second internal DNS server with only a subset of internal entries (not including the VoIP server) and point the VPN clients to that
Somehow filter the responses the DNS server gives, so only internal hosts get the private VoIP server entry, but VPN hosts get the public entry <--- can this be done?
The forth option that @cmr mentioned would work well, this feature is named "DNS views" and is supported in BIND, but sadly not on Windows Server DNS.
So the best long-term solution would be not to use the same domain for internal and external resources. The internal resources should be better migrated to a different domain or a subdomain of company.com.
EDIT: Wait ... just the moment I pressed "Post" I remembered there was a new feature that does exactly what DNS views in BIND are doing, the DNS policies: