janonuevo (Staff)
Article Id 342645
Description: This article describes how to deal with the IKE negotiation error between FortiGate and Sonicwall.
Scope: FortiOS v7.
Solution

CLI commands:

diagnose debug reset
diagnose vpn ike log filter clear
diagnose vpn ike log filter name "IPsec_Tunnel_Name"
diagnose debug application ike -1
diagnose debug enable

To stop the debug processes in the end, press 'Ctrl+C' and enter 'diagnose debug disable'.

1. If the IKE debug message contains the error 'probable pre-shared secret mismatch'.

Solution:
Check that the 'Peer ID' on FortiGate matches the 'Local IKE ID' on Sonicwall.

On FortiGate:

Fortigate1.JPG

On Sonicwall:

Sonicwall1.JPG

2. If the IKE debug message contains 'malformed responder cookie'.

Solution (applies when FortiGate is behind a NAT device):
Check that the 'Peer IKE ID' configured on Sonicwall is the IPv4 address of the FortiGate interface that connects to the uplink (NAT) device.

On FortiGate:

Fortigate2.JPG

On Sonicwall:

Sonicwall2.JPG

Note:

Before v7.6.3, using an IPv4 address as a Peer ID was not supported for IPsec VPN tunnels. This feature is available starting from v7.6.3 but will not be backported to earlier versions. If upgrading to v7.6.3 is not possible, it is recommended to configure the remote peer to use either FQDN or KEYID as the ID type.
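As an added example (not part of the original article), the FortiOS phase1-interface settings that the two checks above refer to, so the IDs can be verified from the CLI as well as the GUI. The tunnel name, interface name, remote gateway and ID strings are assumed placeholders; the IPv4 address is a documentation-range placeholder.

```fortios
# Added example, not from the article. Assumed values: tunnel "IPsec_Tunnel_Name",
# uplink interface "wan1", documentation-range remote gateway, placeholder ID strings.
config vpn ipsec phase1-interface
    edit "IPsec_Tunnel_Name"
        set interface "wan1"
        set ike-version 2
        set remote-gw 203.0.113.10
        # Check 1: 'peerid' must match the Sonicwall 'Local IKE ID' exactly
        # (case and type included); 'peertype one' makes FortiGate enforce it.
        set peertype one
        set peerid "sonicwall-site"
        # Check 2: with 'localid-type auto' (the default) and no 'localid', FortiGate
        # sends the IPv4 address of "wan1" as its IKE ID. Behind NAT that is the
        # private interface address, which is what the Sonicwall 'Peer IKE ID'
        # must contain.
        set localid-type auto
        # Alternative for the Note above: on releases before v7.6.3, where an IPv4
        # Peer ID cannot be used, send a KEYID (or FQDN) local ID instead and
        # configure the same string as the Sonicwall 'Peer IKE ID'.
        # set localid-type keyid
        # set localid "fortigate-site"
        set psksecret <PSK_PLACEHOLDER>
    next
end
```

After applying the settings, 'diagnose vpn ike gateway list name "IPsec_Tunnel_Name"' shows the local and remote IDs FortiGate actually negotiated, which can be compared against the debug output from the commands above.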