In Case this helps:
Last login: Tue Jan 31 15:22:51 on ttys000
ios:~ username$ sudo webappctl status -
web:webAppState:_array_index:0:state = "RUNNING"
web:webAppState:_array_index:0:virtualHostName = ""
web:webAppState:_array_index:0:webAppName = "com.apple.webapp.ACSServer"
web:webAppState:_array_index:1:state = "RUNNING"
web:webAppState:_array_index:1:virtualHostName = ""
web:webAppState:_array_index:1:webAppName = "com.apple.webapp.devicemgr"
web:webAppState:_array_index:2:state = "RUNNING"
web:webAppState:_array_index:2:virtualHostName = ""
web:webAppState:_array_index:2:webAppName = "com.apple.webapp.auth"
If you can connect over VPN but not internally, it almost always points to a ports issue at the router. There are nine matches for the words "profile manager" on this site: http://support.apple.com/kb/TS1629. Be sure each port associated with those two words is open. That's your start point.
Be sure these are open as well:
Port TCP 443 (https)
Port TCP 1640 (SCEP)
Port TCP 5223 (APNS)
Port TCP 2195 (APNS)
Port TCP 2196 (APNS)
https://servername/mydevices is (as written) just a hostname and not a 'fully qualified domain name'.
It might work internally either because internally the Mac will then try servername.local and try to access it via Bonjour (which will not work via VPN), or if your (internal) DHCP server is providing a domain name to clients e.g. mydomain.com then it will try adding that to servername to produce a fully qualified domain name of servername.mydomain.com and then try contacting the server via that. Make sure your VPN server provides the correct DNS server and domain name to VPN clients.
I would suggest trying first the numeric IP address of the server via VPN e.g. http://10.1.1.1/mydevices and see if that works. If it does this would prove the ports are open and available. If you do have an internal DNS server (which if your running Profile Manager you will) and if your VPN server provides that to remote users, then try the fully qualified domain name via VPN.