I've made a couple of tests and, as far as I've understood, Azure Relay requires the listener to explicitly connect to the bus. In our scenario, we would like to use it from a VM in Azure (or a different system on Internet) to connect to an existing On-Premise resource that cannot be modified to support Hybrid connections. I've tested also the Hybrid Connection manager and I wasn't able to find any documentation on how to create a client that connects to a Hybrid connection that routes the traffic to the target system by using the Hybrid Connection manager. It works from an Azure Web app, but they are not a viable solution in our scenario. Is it possible to use the Hybrid connection manager from outside an azure web app?

I've digged two days more to find an answer and from this article, it seems it's not possible:

https://docs.microsoft.com/en-us/azure/biztalk-services/integration-hybrid-connection-overview

Hybrid Connections provide an easy and convenient way to connect the Web Apps feature in Azure App Service (formerly Websites) and the Mobile Apps feature in Azure App Service (formerly Mobile Services) to on-premises resources behind your firewall.

And it sounds correct since they requires some adjustments at network level that are made under the hood by Azure: the mobile app makes a specific dns query and the azure internal dns returns a 'ghosted' ip that offers an entrance to the hybrid connection tunnel at the requested port. The hybrid connection then 'forwards' the tcp stream to the on-premise hybrid connection manager that proxy the request toward the real ip of the service. In this way, hybrid connections does not breaks any SSL connections since the target dns host is the same of the final SSL endpoint.

However, digging a bit more, i've found two examples that offer a pre-elaborate that it's helpful in my scenario:

Hybrid Connections Reverse Proxy

https://github.com/Azure/azure-relay/tree/master/samples/hybrid-connections/dotnet/hcreverseproxy

Port Bridge

https://github.com/Azure/azure-relay/tree/master/samples/hybrid-connections/dotnet/portbridge