1) you don't need 0.0.0.0/0 but that is the easy example F5 uses in all documentation. if the remote subnet is 10.10.10.0/24 you can use that? you can also filter on source if you want. this virtual server is used to pick up the traffic for the VPN. so you can modify it based on that. as long as you don't have a forwarding virtual server with the same destination you are fine.
2) instead of four almost identical sections in the documentation this would be actually interesting to document. im afraid you will be on your own here. i expect most of the configuration is synced, although, it is networking config ... sorry don't have a cluster available to quickly test. i would set it up with as much use of floating IPs and see if that works out.
3) and 4) see above, try first to make it work on one BIG-IP then check how the failover behaviour is.
PS: could you please change your first post to remove the sudden indentation at the end?