I don't think there's any easy way to do this as it appears your agents think they're on the network. A workaround might be a hosts file on each client PC that gives the internal only IP address of your server. One option might be to enter the IP address of the server instead of the name in the Advanced tab of the Targeted Agent Configuration Settings. Or, have a DNS alias for the server and put that there instead of the IP address.
My understanding of a longer term solution is that your internal DNS names should be not resolvable from the internet or at least be a different domain name from your public website.
So Microsoft would, say, use servername.Microsoft.local for their internal servers.