Comment 30 for bug 124663

To expand upon that:
VPNs are supposed to be as if you were on that network. They are encrypted with IPSec so that no data is transmitted unencrypted on the local network. Instead, everything goes through the encrypted tunnel. If any data is allowed to automatically circumvent the tunnel, there is no integrity in the system. The way it currently is, the user knows that their data is securely encrypted. If traffic circumvents the tunnel with no user intervention and without the user's knowledge, the user could *very* easily be exposing private data to anyone with a wireless sniffer on the local network. That would be a a *major* security concern.