The current site-to-site RED tunnel documentation does not seem to handle the following:
* using a zone other than LAN
* defining more specific rules, other than a LAN-LAN any to any
Trying the route was causing traffic to go out, but no traffic was making it back
