Yes, it is possible. You already achieved one part, I guess, as you have established the VPN and you now have no internet. That tells me you do not use split tunneling, so your client's default route was rewritten and the traffic goes through the office LAN already.
You now have to have a policy at the remote end FGT that allows you to access the internet coming from your vpn.
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Now, you are able to successfully connect to the 40F and access resources from the HQ, but there is no Internet access. If my understanding is correct, on the HQ firewall, assuming it is also a FortiGate, you would need to create a firewall policy that has as source interface the IPsec tunnel interface with the 40F and as destination interface the Internet-facing one. You have to enable NAT on this policy.
This is a great post and really helped me, thanks. However, I have some users that would like to be able to access the local network, for access to their printer for example. I have gone into the Windows VPN connection and disabled the "use default gateway on remote network" option. This then gives me access back to my local LAN and routes Internet traffic via my router, but loses access to the LAN behind the Fortinet VPN. Is it possible to have access to both via the native VPN client?
Many Thanks and apologies if I should not have resurrected this thread.