If your organization's security policy allows computer authenticated accounts to access the Internet, the following policy should address the problem.
realm="IWA_Realm_Name" group="DOMAIN\Domain Computers" ALLOW
realm="IWA_Realm_Name" group="DOMAIN\Domain Computers" user.login.log_out(yes)
The 'Domain Computers' is available as a source Group object in the VPM's Web Access Layer, similar as other group objects. Hence, the CPL above can also be applied fom the VPM.
Do not use any IP-based surrogate such as Proxy-IP for authentication because the ProxySG may not reauthenticate user traffic within the cached duration. If you need to use an IP-based surrogate, use the user.login.log_out(yes) policy above.