So, a customer uses a FortiNet VPN gateway. Because I have perfectly fine IPsec software already installed, the only thing missing are appropriate settings. As they use IKEv1 in aggressive mode, there is not much of an error reply if you get any of them wrong.
So, here's a StrongSwan setup that works for me:
conn fortinet left=%any leftauth=psk leftid="" leftauth2=xauth xauth_identity="your username" leftsourceip=%config right=gateway IP address rightsubnet=VPN subnet rightauth=psk keyexchange=ikev1 aggressive=yes ike=aes128-sha1-modp1536! esp=aes128-sha1-modp1536! auto=add
Not sure if that can be optimized further by getting the VPN subnet through mode_config as well, but I'm basically happy with the current state.
In addition to that, you need the PSK and XAUTH secrets, obviously.