Hi again Will, and sorry for the slight delay.
Frankly, I found this quite strange. I mean, Network Shield is not really a proxy, it's a simple TDI filter sitting (locally) at the TCP stack and filtering out malicious packets (technically, it's like an IDS). I don't see a way how this could interact with the Fortinet appliance (located at the perimeter). It is actually very unlikely that Network Shield would be dropping any packets vital for the VPN communication (you would see evidence of this in the "last 10 attacks" field, for example).
On the other hand, I cannot really recommend to NOT install Network Shield even if a gateway firewall/IDS is present - simply because of potential attacks from inside of the network. This may sound quite rare - but is actually very common.
Imagine a user with a laptop infected by a worm (e.g. "Blaster"). A user connects the laptop to the network, and BANG - all [unpatched] machines on the network instantly get infected (and the appliance at the perimeter sees nothing...)
Thanks
Vlk