If the host is capable of using Java, I'd say just use a web browser to access the web-based portal. AFAIK, you cannot use a third-party client to connect to the VPN in tunnel mode.
However, people often overlook the Java-based connection tools available within the web portal: VNC, SSH, RDP, RDP-Native (uses mstsc.exe on your local host, targeting a loopback address that Java is listening on), and especially Port Forward. None of these require a host address to be assigned to the connecting client.
For instance, with Port Forward, say you want to access a database application on a host behind the FortiGate at IP 10.0.0.2:333 (just a random example - I don't know the usual DB ports). You'd normally have to initiate a tunnel-mode connection, so the client application could communicate "directly" with the server. With Port Forward, you specify the target IP and port, as well as a listening port. Java will listen to this port (for example, 15555) and direct traffic to the FortiGate for processing. Within the client application, you would target: 127.0.0.1:15555.
Since I'm in support, I have to mention the caveat that there *may* be issues with this, as with anything else. But no one calls in when a feature works, so my perspective is a little skewed.