If you have two different WAN connections (you mentioned different routing) then you need twice that number of physical connections to the firewall (put a $20 dumb switch in between). So WAN from ISP1 (or since same ISP, let's say connections A and B) goes to wan1 and connection B/ISP2 goes to wan2 on EACH firewall. Anything else does not work with an HA cluster. Connectivity on the firewalls should always be identical, and each WAN connection should be monitored as a condition for failover.
You obviously don't need to double the connections going to the ISP router (probably can't) which is why I said VLAN for.... Basically you have one port on your switch to the ISP router 1 and then 2 ports to the 2 FGTs. Same thing with ISP router 2. 6 ports on your switch, in total.
I'm not quite sure what you're asking. I assume that's why you have two WAN connections, yes, in case one of them fails. And the reason you have two FGTs is in case one of *them* fails. Since you have both, you could now have 1 of each fail and still have no impact to service. Anytime you throw HA firewalls in place you need to make sure each one has the same connectivity to all networks or it's not really HA and it won't work.
Now you'll need to consider the impact of the failure of one of your VSF switches as well, or that becomes a single point of failure. Most likely you'd do 1 WAN to each switch and then make both connections (to FGT1 and FGT2) from that same switch. So the WAN connected to each switch becomes reliant on that switch, and if say switch A fails at the same time that WAN B fails, you're SOL because working WAN A can't talk to either FGT although both FGTs can talk to broken WAN B. There's always some combination that can break things, but you can think through the different scenarios and consider what's more likely under your circumstances (unreliable ISP, old gear, etc).
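Added example, not part of the original post: a small Python model that enumerates the failure combinations discussed above for the one-WAN-per-switch layout and for a single shared switch. The component names (`WAN_A`, `SW_A`, `FGT1`, ...) are constructed labels, and the model assumes the HA cluster fails over correctly whenever a surviving FortiGate still has a working path; heartbeat links and LAN-side wiring are not modelled.

```python
from itertools import combinations

# Constructed topology: each WAN lands on one switch, and that switch fans
# out to the same WAN port on both FortiGates.
# Each tuple is one usable path: (WAN link, switch, firewall).
SPLIT_SWITCH = [
    ("WAN_A", "SW_A", "FGT1"), ("WAN_A", "SW_A", "FGT2"),
    ("WAN_B", "SW_B", "FGT1"), ("WAN_B", "SW_B", "FGT2"),
]
# Variant: one switch carries both WANs (6 ports in total, split by VLAN).
SINGLE_SWITCH = [(wan, "SW", fgt) for wan, _, fgt in SPLIT_SWITCH]


def components(paths):
    """All distinct components that appear in any path, sorted by name."""
    return sorted({c for path in paths for c in path})


def service_up(paths, failed):
    """Service survives if at least one path contains no failed component."""
    failed = set(failed)
    return any(not (set(path) & failed) for path in paths)


def fatal_combinations(paths, n_failures):
    """Every set of n simultaneous failures that leaves no working path."""
    return [combo
            for combo in combinations(components(paths), n_failures)
            if not service_up(paths, combo)]


if __name__ == "__main__":
    for name, paths in (("split", SPLIT_SWITCH), ("single", SINGLE_SWITCH)):
        for n in (1, 2):
            print(f"{name} switch layout, {n} failure(s):",
                  fatal_combinations(paths, n))
```

The split layout survives every single failure but has five fatal pairs, including the switch A plus WAN B case from the post; the single-switch layout is taken down by the switch alone.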