I hope that you at least use L2TP over IPSec and not pure old L2TP with no encryption at all.
However, instead of fixing dead L2TP I would humbly suggest to reconsider the VPN schema and drop down L2TP use, completely. It's 22 years old protocol with zero protection!
All modern OS are able somehow directly, or with help of supplicants like FortiClient, to use IPSec or at least SSL VPN. Some even allows you to use IPSec with IKEv2. Even on mobile platforms like Android or Apple iOS.
So instead of unprotected prehistoric L2TP I'd suggest to use IPSec completely.
As hub (on HQ FortiGate) &spoke (on branch offices) + dialup (for mobile road warriors).
Tom xSilver, planet Earth, over and out!