If you've already verified that the ICMP packets are reaching the device (using the console sniffer, naturally) then this is pretty much your next step. It'll be really arcane to look at, but... try these in the console, then ping...
diagnose debug flow filter daddr 22.214.171.124
diagnose debug flow filter proto 1
diagnose debug flow trace start 10
diagnose debug enable
These will make the Fortinet spew to the console every little thing it knows or decides about the packet, and is mostly readable by the very brave. You can also add a source address (saddr) criteria if you know what the source IP address should show up as.