I am not sure what best practicu you are looking for. You can say that the settings, that are used when you create VPN via GUI VPN WIZARD can be considered as best practice. But most of the settings depends on the requirement of your network and your VPN peer. Higher the encryption and DH group means better security but you need to have in mind also offloading capabilities. Usually you need to decide on what security level you want to have and based on that you will adjust settings.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.