--security-level 2 --up /path/to/route-killswitch.sh
KERNEL=="vpn0", RUN+="/PATH_TO_THE_SCRIPT/SCRIPT_NAME"
#!/bin/sh
ip route del default dev dev_name
Office and Home routers are connected to internet through ether1, workstations and laptops are connected to ether2. Both local networks are routed through L2TP client, thus they are not in the same broadcast domain. If both networks should be in the same broadcast domain then you need to use BCP and bridge L2TP tunnel with local interface.