The Passthrough networks option available in the RUT240's IPsec configuration is used to select networks that should be passthrough and excluded from routing through the tunnel. This option is especially useful when the router is configured to operate as a VPN gateway and route all data traffic through the tunnel.
Since Fortigate 30E is accessible via RUT240's WAN interface and the Passthrough networks option is set to WAN, the router access Fortigate via "regular WAN interface" instead of VPN tunnel. With that in mind, I would suggest setting Passthrough networks to LAN or NONE and check whether the issue persists.
Also, I would advise changing the Local GRE interface netmask from 255.255.255.255 to the one that suits the number of available GRE endpoints, e.g. 255.255.255.240.