Hi deka - welcome to the forum,
You’ll want to forward ports from the WAN of your balance to the WAN of the fortigate. The last time I used a fortigate the default port for SSL VPN was 10443 but it might have changed now.
Navigate to Network > Inbound Access | Port Forwarding. Click ‘Add service’ button then fill it in and choose the WAN connection and public IP you want to use to forward to the fortigate:
Minor note: I believe the current default port number for a FortiGate’s WAN interface for SSL-VPN is 443, and for a FortiGate in its fresh out-of-the-box default configuration overall you‘ll see a warning notice in the WAN Interface configuration section saying that this is in conflict with the management/Admin port number.
So you need to either change the management port number or the SSL-VPN port number or (both) ingressing to the WAN interface for the FortiGate to resolve by this default port number conflict.
(Also, a best practice security-wise is to also disable all protocols like https, ping, ssh, etc in the Admin management section on the WAN interface configuration page and only enable any of these protocols like https on a LAN interface only, unless you specifically need to manage the FortiGate through it’s WAN interface/Ethernet port, and you’re okay with the security risks)