Outbound VPN connectivity fails because the firewalls untrusted IP is NAT'd to the Fatpipes WAN IP.

Solution: Configure outbound interface specific policy route routing the firewalls external IP NAT disabled if destined for remote VPN peer IP.

Example: Select All from Protocol drop down. Source IP (Firewalls external IP), Source port *, Destination (Remote VPN peer IP), Destination port *. Edit primary WAN (Typically WAN1) and disable all NAT. This allows the firewall's public facing IP to route without being NAT'd out the primary WAN if destined for the remote peer.