In FortiOS 7.4.10, Fortinet implemented a feature, that requires explicit firewall policies, but you should be aware of it, as everything stops between the interfaces when you upgrade to version 7.4.10+ if you do not have the explicit rules in place yet.
Changes in default behavior | FortiGate / FortiOS 7.4.10 | Fortinet Document Library
The fix:
config system global
set allow-traffic-redirect enable
end
“Upon upgrade, both of these settings will be changed to disable even if they were enabled before.
Disabling this setting ensures that traffic arriving at an interface and redirected out on the same interface requires a firewall policy to explicitly allow the traffic. If you want to redirect traffic without the need for a policy based only on routing decision, then manually enable these settings.”