hm I had this when I tried to dial in via ipsec with two pcs behind the same NAT Address (and both in same local subnet). This resulted in one PC getting connected and the other did not.
This was due to the way FortiOS per default threats the routing upon dialup von connections.
It did a net route for my local subnet over the first tunnel that came up and then due to that was unable to route over the second one during establishing that tunnel.
There is some cli param at least with ipsec dialup one can set that forces the Fortigate to do a host route instead. Setting this allows to establish concurrent tunnels from out of the same local subnet and wanip.
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.