Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you would like to access your App Service via a Private Endpoint from on-premises using a Site-to-Site VPN connection.
As long as you are able to resolve to the private IP of the Private Endpoint from the on-premises servers, you should be able to access the resource without any issue.
Having a middleware should not have any impact here.
- The Private Endpoint (PE) only provides layer 4 connectivity.
- Layer 7 features such as SSL will still work over it.
- If you have SSL enabled in your App Service, then the connections via the PE would use TLS as well.
- However, in case TLS is provided by your middleware and the App Service can accept traffic via plain HTTP (TLS termination at the middleware), your on-premises servers would use HTTP to connect to it.
Please let us know if we can be of any further assistance here.
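A check that can be run from an on-premises server to confirm the two points in the answer above: the app's hostname resolves to a private address, and a certificate-verified TLS handshake succeeds over that path. This is an added example, not part of the original answer; the function names are hypothetical and the hostname is whatever you pass on the command line.

```python
import ipaddress
import socket
import ssl
import sys

def classify(addresses):
    """Return 'private', 'public', 'mixed' or 'unresolved' for a list of IP strings."""
    if not addresses:
        return "unresolved"
    # Note: is_private also covers loopback and link-local ranges.
    kinds = {ipaddress.ip_address(a).is_private for a in addresses}
    if kinds == {True}:
        return "private"
    return "public" if kinds == {False} else "mixed"

def resolve(host, port=443):
    """Resolve with the local resolver, i.e. what this on-premises server really sees."""
    try:
        infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def tls_probe(host, port=443, timeout=5):
    """Handshake with certificate and hostname verification; return the TLS version."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version()

def check(host):
    """Resolve the host, and probe TLS only if every answer is a private address."""
    addrs = resolve(host)
    verdict = classify(addrs)
    result = {"host": host, "addresses": addrs, "resolution": verdict, "tls": None}
    if verdict == "private":
        try:
            result["tls"] = tls_probe(host)
        except OSError as exc:  # ssl.SSLError is a subclass of OSError
            result["tls"] = f"failed: {exc}"
    return result

if __name__ == "__main__":
    # Usage: python check_pe.py <app-hostname> [<app-hostname> ...]
    for name in sys.argv[1:]:
        print(check(name))
```

A `public` or `mixed` result means the on-premises resolver is not returning the Private Endpoint's IP, so traffic would not take the VPN path.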