The design is to get ERSPAN traffic from Cisco to FortiGate Interface to act like IDS. How to achieve this and what configuration needs to enable on FortiGate. Is GRE mandatory?
As I understand, you would like FortiGate to operate as an IDS appliance( i.e. without actually processing the packets). Correct me, If I am wrong.
You could put the FortiGate in one-arm sniffer mode and it would serve the purpose. Below is the link to configure it on the FortiGate,