FortiGate
AndrewX
Staff
Article Id 337300
Description: This article describes the issue of a FortiGate not responding to SNMP queries.
Scope: FortiGate v7.4.x.
Solution

Possible Reason 1:
Background information:

A Cisco switch connected to the FortiGate communicates with the SNMP server over the IPsec tunnel correctly, whereas the FortiGate itself does not respond to the SNMP server's queries over the same tunnel.

 

Network diagram:

Cisco SW---FGT100F-----IPSec VPN------SNMP server

Troubleshooting steps:

  1. The packet sniffer shows the SNMP requests arriving at the FortiGate, but no return traffic is sent.
  2. Verify that the routing configuration and firewall policy are set up properly. In this case they were: from the FortiGate, using the same source IP, it is possible to ping and traceroute to the SNMP server.
  3. Check the local policy; it allows traffic between the source and the SNMP server.
  4. Run the debug to capture the SNMP information. However, nothing is shown in the debug output.

Solution:

Add the SNMP server IP as a trusted host under the local admin account; the FortiGate then starts responding to the SNMP queries.

Possible Reason 2:

The FortiGate is unable to match the SNMP community because the community name is case-sensitive:

  • The SNMP community name specified on the SNMP manager is 'public'.
  • The SNMP community name specified on the FortiGate is 'Public'.

    config system snmp community
        edit 2
            set name "Public" <---
            set status enable
        next
    end

The FortiGate will not reply to the SNMP traffic coming from the SNMP manager, because the community name is compared case-sensitively and 'public' does not match 'Public'.

  • Run the snmpd debugs:

    diag debug reset
    diag debug application snmp -1
    diag debug enable

  The following debug output is expected:

    snmpd: checking if community 'public' is valid
    snmpd: failed to match community 'public'.

Solution:
Make sure the community name is identical, including letter case, on both the SNMP manager and the FortiGate.
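As an added example (not part of this article or of FortiOS), the following Python script applies both checks described above to a constructed snippet of FortiGate CLI configuration: it compares the manager's community name case-sensitively against `config system snmp community`, and it reports when the manager IP falls outside every admin trusthost entry (the article's first cause). The config text, IP addresses and finding names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of FortiGate CLI output modelled on the article's two cases.
SAMPLE_CONFIG = """\
config system snmp community
    edit 2
        set name "Public"
        set status enable
    next
end
config system admin
    edit "admin"
        set trusthost1 192.168.1.0 255.255.255.0
    next
end
"""

# Top-level `config ... end` blocks; nested `end`/`next` lines are indented.
BLOCK_RE = re.compile(r"^config (.+?)\n(.*?)^end$", re.S | re.M)


def block(config: str, name: str) -> str:
    return next((m.group(2) for m in BLOCK_RE.finditer(config)
                 if m.group(1).strip() == name), "")


def snmp_communities(config: str) -> list[str]:
    """Community names under `config system snmp community`."""
    return re.findall(r'set name "([^"]*)"', block(config, "system snmp community"))


def trusted_hosts(config: str) -> list[ipaddress.IPv4Network]:
    """Every admin trusthostN entry (IP + netmask) as a network."""
    pairs = re.findall(r"set trusthost\d+ (\S+) (\S+)", block(config, "system admin"))
    return [ipaddress.ip_network(f"{ip}/{mask}", strict=False) for ip, mask in pairs]


def diagnose(config: str, manager_ip: str, manager_community: str) -> list[str]:
    """Reasons this manager's queries would get no reply (empty list = none found)."""
    findings = []
    names = snmp_communities(config)
    if manager_community not in names:  # exact, case-sensitive match required
        if manager_community.lower() in [n.lower() for n in names]:
            findings.append("community-case-mismatch")
        else:
            findings.append("community-unknown")
    hosts = trusted_hosts(config)
    # Trusted hosts restrict management access (the article's fix is to add the
    # SNMP server there); only flag when at least one trusthost is configured.
    if hosts and not any(ipaddress.ip_address(manager_ip) in h for h in hosts):
        findings.append("manager-not-trusted-host")
    return findings
```

Running `diagnose(SAMPLE_CONFIG, "10.10.10.50", "public")` against the sample reports both the case mismatch and the missing trusted-host entry.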