this is i case I have here at all shop sites.
You will need to use split tunneling on the dial up ipsec because you need to push routes to the remote subnets on FGT on other end of the S2S to your client.
Then FGT on remote end of the dialup needs to know routes to those subnets too plus it has to have policies to allow traffic to flow from dial up over the s2s to the other subnet (and vice versa if needed).
FGT on remote end of the S2S has to know a route back to the dial up vpn and also has to have the accoarding policies from dialup vpn over s2s to remote subnet.
Reverse policies are only needed if you actively want to connect to dial up client(s) from out of the remote subnets.
Oh and on your drawing I see that both FGT have the same subnet (i.e. overlapping subnets). if that is not a mistype there that would require additional workarounding. There is some document on that on the knowledge base. I used that once when this hit me at work....
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams