It's more than likely a policy-based pre-requisite from the VPN server end.
How would the remote VPN server know whether or not the wifi link was encrypted?
How would it differentiate between a home (possibly encrypted) wifi network and a public (probably unencrypted) link?
SD