I have Fortigate FG60E set up as a L2TP/IPSec with PSK server. Clients like computers and mobile phones connect to it without any issues by just using PSK, username and password with zero tweaking required.
I want to connect my Mikrotik hEX (which is almost all default settings save for static IP for the internet) with 6.46.6 OS as a client as well - so using WinBox I basically go into PPP → + → select L2TP client → input Fortigate’s IP address, input username and password, tick IPSec box and input the PSK and leave the rest as it is. However after this MikroTik doesn’t connect to FortiGate and FG’s VPN log says IPSec Phase2 error with “peer SA proposal not match local policy”.
Try changing pfs-group value to none, as the Microsoft Windows’ embedded VPN client uses that. If it does not help, try to gather more information from Fortigate’s log regarding supported transforms (encryption algorithm, hash algorithm, pfs algorithm).
If you have any other IPsec configuration in place on the Mikrotik, double-check that it doesn’t use the default proposal before doing that change.