I'll work with the assumption that by VPN you mean a Cisco-centric IPSec VPN solution.

Since STUN is serial tunneling [over IP], and IPSec carries IP traffic, there is little reason this solution would not work. You may want to run newer IOS so that you can LLQ the STUN traffic that is being tunneled (qos pre-classify) but from a purely operational standpoint I see no real roadblocks.