If either one of the two (web or intranet) require read-only access you could set up a replicating slave server. MySQL natively supports replication over an SSL-encrypted connection, so security of the data transfer should be fine and removed from the users hands (which is often a good idea I find ;-). If both of them require write-access you could also set up multi-master replication, but that has it's own drawbacks and may not be worthwhile.

Alternatively to that, I'd set up a VPN. OpenVPN works on all major platforms and is relatively easy to deploy.