(I knew it. Sorry.)
What I wanted to say is that the setup is doable and relatively simple.
First, routing. The client has to have a route to the second network, or traffic will not go across the SSLVPN to reach the FGT.
On the FGT, you will need a route to the network behind the SSLVPN (i.e. your clients) pointing to the 'ssl.root' interface, and a route to the network behind the IPsec tunnel. Imagine visiting each hop on the way from the client to the IPsec network and back: client - FGT - tunnel - IPsec network. At each hop a route to the next hop and back to the previous hop is needed. Sometimes a static explicit route, sometime a default route (to make life easier).
Second, if all participants know how and where to send the traffic, then you additionally need a policy to allow it. After all, the FGT is a firewall, a control device. For writing the policy, you need address objects of the source and destination networks, the services you allow, some UTM...
In short, both the SSLVPN and the IPsec VPN are represented as virtual ports on the FGT. You route and allow traffic between these ports just like between any pair of physical ports.
"Kernel panic: Aiee, killing interrupt handler!"