FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes that the reCAPTCHA functionality on websites is based on embedded Google security verification, which verifies that reCAPTCHA solutions are originated from the original list of domains defined for the service.
When using the SSL VPN web mode, FortiGate hosts a proxy to the customer's website, and the domain that sends out the request to the Google reCAPTCHA would be the FortiGate instead of the original customer's website, so it will not work.
Scope
Solution
The solution or workaround is to use SSL VPN tunnel mode instead.
