Unable to route VPN traffic over interface to LAN network
Hello all! Apologies if this was asked/answered; I spent time searching but can't find a similar case.
FW: FortiGate FG-200F on firmware v7.0.13.
We use a split tunnel IPSec VPN to allow access to specific subnets on our network for access to IT resources. We have a few up and working and they are accessible without issue. However, all of those subnets are networks that are hosted by the FortiGate.
I just stood up an OOB management network hosted by a UniFi UDM Pro firewall. What I'm trying to do is to allow secondary access to that network via the interface I configured to allow OOB access to the FortiGate. Here's what I've done:
- Interface created in DMZ role, IP set to be within the network of the OOB network. If I open the FG CLI I can ping devices on the network without issue.
- Subnet of the OOB network added to the address group that the "Accessible networks" is assigned to in the VPN tunnel configuration.
- Firewall policy added to allow traffic from the VPN interface to the management network subnet.
However, traffic is not routing to the interface. I've also tried:
- Static route for traffic for the OOB network to the interface that the network is connected to
- Policy route for traffic originating from the VPN interface to the interface that the network is connected to
Still not able to route anything. I feel like I'm either missing something obvious or what I'm attempting to do won't work. Any pointers would be appreciated!
Could you please provide the output of the following commands?
get router info routing-table details <ip you want to ping>
On CLI:
di sniffer packet any 'host <destination ip> and icmp' 4 0
On CLI2:
di de reset
di de flow filter addr <destination ip>
di de flow show function-name enable
di de flow trace start 100
di de flow filter proto 1
di de en
Run the ping to the destination IP from the computer.
Also share the policy for this traffic.
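The debug flow trace requested above is read line by line, and the two decisions that matter for this thread are easy to miss in a long capture: did the FortiGate find a route for the destination (and on which interface), and which firewall policy did the packet hit. The script below is an added example, not part of the original thread or a Fortinet tool: it groups `diagnose debug flow` lines by `trace_id` and prints one verdict per flow. The sample trace is constructed to resemble FortiOS output; the interface names (`OOB-VPN`, `dmz`, `internal`), addresses and policy ids are invented, and the message patterns it matches are assumptions about the trace format.

```python
"""Summarise a FortiGate `diagnose debug flow` trace per flow.

Added example (not from the thread). Groups trace lines by trace_id and
reports, for each flow, the ingress interface, the route decision and the
policy verdict. The regexes below encode assumptions about FortiOS message
text; adjust them if your firmware wording differs.
"""
import re
from dataclasses import dataclass
from typing import Dict, Optional

MSG_RE = re.compile(r'trace_id=(\d+)\s+func=(\S+)\s+line=\d+\s+msg="([^"]*)"')
PKT_RE = re.compile(r'received a packet\(proto=(\d+), (\S+)->(\S+)\) from (\S+)')
ROUTE_RE = re.compile(r'find a route: flag=\S+ gw-(\S+) via (\S+)')
ALLOW_RE = re.compile(r'Allowed by Policy-(\d+)')
DENY_RE = re.compile(r'Denied by forward policy check \(policy (\d+)\)')


@dataclass
class FlowVerdict:
    trace_id: int
    src: str = ""
    dst: str = ""
    ingress: str = ""
    route_intf: Optional[str] = None
    gateway: Optional[str] = None
    policy_id: Optional[int] = None
    allowed: Optional[bool] = None
    drop_reason: Optional[str] = None

    def summary(self) -> str:
        route = (f"routed via {self.route_intf} (gw {self.gateway})"
                 if self.route_intf else "NO ROUTE FOUND")
        if self.allowed is True:
            policy = f"allowed by policy {self.policy_id}"
        elif self.allowed is False:
            policy = f"denied by policy {self.policy_id}"
            if self.policy_id == 0:
                # Policy id 0 is the implicit deny: nothing matched the flow.
                policy += " (implicit deny, no matching policy)"
        else:
            policy = "no policy decision seen"
        drop = f"; dropped: {self.drop_reason}" if self.drop_reason else ""
        return (f"trace {self.trace_id}: {self.src} -> {self.dst} "
                f"in {self.ingress}: {route}; {policy}{drop}")


def parse_debug_flow(text: str) -> Dict[int, FlowVerdict]:
    """Return one FlowVerdict per trace_id found in the trace text."""
    flows: Dict[int, FlowVerdict] = {}
    for line in text.splitlines():
        m = MSG_RE.search(line)
        if not m:
            continue
        tid, msg = int(m.group(1)), m.group(3)
        fv = flows.setdefault(tid, FlowVerdict(tid))
        if (p := PKT_RE.search(msg)):
            fv.src, fv.dst = p.group(2), p.group(3)
            fv.ingress = p.group(4).rstrip(".")
        elif (r := ROUTE_RE.search(msg)):
            fv.gateway, fv.route_intf = r.group(1), r.group(2)
        elif (a := ALLOW_RE.search(msg)):
            fv.policy_id, fv.allowed = int(a.group(1)), True
        elif (d := DENY_RE.search(msg)):
            fv.policy_id, fv.allowed = int(d.group(1)), False
        elif "drop" in msg.lower():
            # Any other drop message (e.g. reverse path check) is kept verbatim.
            fv.drop_reason = msg
    return flows


# Constructed sample trace: three ICMP flows arriving on a VPN interface.
SAMPLE_TRACE = """\
id=20085 trace_id=1 func=print_pkt_detail line=5892 msg="vd-root:0 received a packet(proto=1, 10.212.134.200:1->10.90.0.10:2048) from OOB-VPN. type=8, code=0, id=1, seq=1."
id=20085 trace_id=1 func=init_ip_session_common line=6073 msg="allocate a new session-0000a1b2"
id=20085 trace_id=1 func=vf_ip_route_input_common line=2605 msg="find a route: flag=04000000 gw-10.90.0.10 via dmz"
id=20085 trace_id=1 func=fw_forward_handler line=787 msg="Denied by forward policy check (policy 0)"
id=20085 trace_id=2 func=print_pkt_detail line=5892 msg="vd-root:0 received a packet(proto=1, 10.212.134.200:1->10.10.0.25:2048) from OOB-VPN. type=8, code=0, id=1, seq=2."
id=20085 trace_id=2 func=init_ip_session_common line=6073 msg="allocate a new session-0000a1b3"
id=20085 trace_id=2 func=vf_ip_route_input_common line=2605 msg="find a route: flag=04000000 gw-10.10.0.25 via internal"
id=20085 trace_id=2 func=__iprope_check line=2281 msg="Allowed by Policy-12:"
id=20085 trace_id=3 func=print_pkt_detail line=5892 msg="vd-root:0 received a packet(proto=1, 10.212.134.200:1->172.16.50.5:2048) from OOB-VPN. type=8, code=0, id=1, seq=3."
id=20085 trace_id=3 func=init_ip_session_common line=6073 msg="allocate a new session-0000a1b4"
id=20085 trace_id=3 func=ip_route_input_slow line=2264 msg="reverse path check fail, drop"
"""

if __name__ == "__main__":
    for verdict in parse_debug_flow(SAMPLE_TRACE).values():
        print(verdict.summary())
```

Read the three outcomes together with the sniffer: if `diagnose sniffer packet` shows no ICMP for the destination at all, the VPN client never put that traffic into the tunnel, so the split-tunnel selectors (the "Accessible networks" group) are the first thing to re-check rather than routes or policies. If the packets arrive and the trace shows a route via the DMZ interface but "policy 0", the route is fine and the VPN-to-DMZ policy is not matching (wrong interface pair, address object or service).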
