How virtual hosting works is that the browser, when it sends a request for a page, also sends down a host header, to say what host it is attempting to request from.
This makes it so that when you type in "http://www.tfproject.org/index.html" the request looks like this:
GET /index.html HTTP/1.1
Host:
www.tfproject.org
(lots of other stuff, browser dependant, and cache-dependant)
Now, if there is a way to connect to the intranet server from the outside world, there is a way to pass the 192.168.x.x IP address in as the hostname it is looking for.
Even though the external IP is mapped to "www.mycompany.com", someone could connect directly to port 80 and issue a custom "Host: 192.168.x.x" header, and get your intranet site. I would say that this would be pretty improbable, but it is possible.
Now, if you setup a different IP address for your intranet server, you can make virtual hosts that listen on IP addresses, and that pay no attention to the "Host:" header, but you would have to use a different internal IP address for the intranet site than the IP address that the external IP is mapped to.
My suggestion is to make it a password-protected site that is availible to the outside world, then users can connect to the intranet from home if they need to. (but that is just my suggestion, and requires some heavy security to make it work well.)