My understanding is that Trusted Networks should take priority over all other firewall rules, but then I somehow fail to understand what is hidden under this "Trusted" value under creation of new rules.
Except for TrustedSource exceptions, Trusted Network entries, by itself, does nothing in the HIPS Firewall (i.e., the IP addresses are not "whitelisted" for traffic). In order for a Firewall Rule to apply to the list of networks in the Trusted Networks policy, you must create a firewall rule and set the Local/Remote Host to "Trusted".
I have had in past few systems where even thou I have had in Trusted Networks specified ranges. System was not able to access ie. Printer even thou it was fitting the range.
See #1 above. If you did not have a Firewall rule for "Trusted", the network traffic would not be allowed for Trusted Networks. VPN traffic should be allowed via Firewall Rules above any Location Aware Group (same as the Allow Loopback traffic rule).