I don't think, it's a problem of Jabber per-se. I assume, you have a problem somewhere of the IP routing / FW blocks the RTP packets, that's why I would personally rather look at Layer 3 level.

But:
Can you confirm, that the Jabber on the phone is registered via MRA and not "internally"?
Have you checked, if you see the RTP packets coming through the VPN or not?

Yes, I'm sure it is registered externally, I see SIP traffic on the Expressway, but I don't see media traffic.

I created the VPN profile with just 2 particular covered IP addresses - internal DNS and the internal mail server (we only need access to ones by VPN). And again, CUCM is located not in the network we access by VPN.
That's why it is strange.
And 

Do you see the media traffic on the VPN edge / FW?
I mean there can only be 2 possibilites, either EXP-E or the VPN edge.
If you say you don't see anything on EXP-E, then only the VPN edge is left.

I don't know anything about VPN setup or the profiles you have configured (I'm a Collab guy), but everytime a customer had problems with Jabber via VPN, it was because of a misconfiguration of the VPN and not a Jabber problem.

Unfortunately I have no idea how to catch traffic in the VPN tunnel on ASA.  But I got a capture on the Edge side of EXP-E (attached).

The point is when I log in to Jabber at a first time when VPN tunnel is on, there is an audio in both sides, but if then I re-establish VPN, there is no audio in the next call. You can see it in the capture.
There is no routing issue on the VPN client side because the tunnel mode is application tunnel (only approved apps included) and the vpn protected networks are strict IP addresses, no any default routes etc.