For VPN routing to succeed, what must be configured?
A.
VPN routing is not configured in the Rule Base or Community objects. Only the native-routing mechanism on each Gateway can direct the traffic via its VTI configured interfaces.
B.
No rules need to be created; implied rules that cover inbound and outbound traffic on the central (HUB) Gateway are already in place from Policy > Properties > Accept VPN-1 Control Connections.
C.
At least two rules in the Rule Base must be created, one to cover traffic inbound and the other to cover traffic outbound on the central (HUB) Security Gateway.
D.
A single rule in the Rule Base must cover all traffic on the central (HUB) Security Gateway for the VPN domain.