First off, cool running into you this summer.
Here's a very specific use case for multiple remote access encryption domains. We are being required to send all our users' data to our gateway BUT we have a few business units that do NOT have this requirement. Being a very large global company, we use the same gateways for all of our 50 business units.
As you can see, how would you do a remote access community for some people to route all through the gateway and then have a few users here and there route only what is needed (our internal networks) and allow the rest to go out locally?
BTW, one caveat is that we also need to break out Skype traffic from going down the tunnel, so we cannot do route all through gateway, we kinda have to do a group with exclusion of 0.0.0.0/0 minus our Skype servers if that makes sense.
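
The two encryption domains described in the post above, worked through as an added example that is not part of the original post: it expands "0.0.0.0/0 minus the Skype servers" into explicit CIDR blocks and checks which destinations each user group would send down the tunnel. The Skype server ranges and the internal network are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress

def exclude_networks(base, exclusions):
    """Return the CIDR blocks that cover `base` minus every excluded network."""
    remaining = [ipaddress.ip_network(base)]
    for raw in exclusions:
        excl = ipaddress.ip_network(raw)
        kept = []
        for net in remaining:
            if net.subnet_of(excl):
                continue                                 # block is entirely excluded
            if excl.subnet_of(net):
                kept.extend(net.address_exclude(excl))   # carve the hole out
            else:
                kept.append(net)                         # no overlap, keep unchanged
        remaining = kept
    return sorted(ipaddress.collapse_addresses(remaining))

def in_domain(destination, domain):
    """True if traffic to `destination` would be sent down the tunnel."""
    addr = ipaddress.ip_address(destination)
    return any(addr in net for net in domain)

# Constructed sample values (documentation ranges), not taken from the post.
SKYPE_SERVERS = ["198.51.100.0/24", "203.0.113.0/28"]
INTERNAL_NETWORKS = ["10.0.0.0/8"]

# Group 1: everything through the gateway except the Skype servers.
FULL_TUNNEL_DOMAIN = exclude_networks("0.0.0.0/0", SKYPE_SERVERS)
# Group 2: only the internal networks; the rest goes out locally.
SPLIT_TUNNEL_DOMAIN = [ipaddress.ip_network(n) for n in INTERNAL_NETWORKS]

if __name__ == "__main__":
    print(len(FULL_TUNNEL_DOMAIN), "CIDR blocks in the full-tunnel domain")
    for dest in ("10.20.30.40", "8.8.8.8", "198.51.100.25"):
        print(dest,
              "full-tunnel group:", in_domain(dest, FULL_TUNNEL_DOMAIN),
              "split-tunnel group:", in_domain(dest, SPLIT_TUNNEL_DOMAIN))
```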