In a proxy setup the Forwarding-server configuration is as below:

config web-proxy forward-server
    edit "proxy-1"
        set ip 10.61.10.43
        set healthcheck enable
        set monitor "https://www.google.com"
    next
end

And this forward-server is reachable via port3:

Routing table for VRF=0
S* 0.0.0.0/0 [10/0] via 10.5.31.254, port1, [1/0]
C 10.5.16.0/20 is directly connected, port1
C 10.5.48.0/20 is directly connected, port2
C 10.61.0.0/20 is directly connected, port3
C 172.31.128.0/20 is directly connected, port4

However, the Proxy policy should be configured as per the default route on the Fortigate but not the outgoing interface set to port3 as the policy will not take a hit.

Correct Proxy policy for the above scenario:

config firewall proxy-policy
    edit 1
        set uuid cacd1f0e-506d-51ee-6c1d-9727ee9c89fd
        set name "test"
        set proxy explicit-web
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set service "webproxy"
        set action accept
        set schedule "always"
        set logtraffic all
        set webproxy-forward-server "proxy-1"
        set utm-status enable
    next
end

Use following command to verify the health of the forward-server.

diag sys health-check show

Note 1:

Both the explicit proxy device and the forward server should be able to resolve the hostnames for the requests coming from the client.

Note 2:

In FortiOS 7.6.3 isolator servers can be configured for explicit and transparent proxy policies in the GUI of the FortiGate. Web proxy isolator servers, such as FortiIsolator, are supported in proxy policies. Isolators are fundamentally the same as web proxy forward servers because both will redirect HTTP and HTTPS requests to an HTTP or HTTPS proxy server. However, isolators have the specific function of isolating potentially unsafe traffic from a user environment. For more information refer to this document.