We are attempting to migrate windows10 devices to Prelogon, Always-On GP app/VPN config with Internal Host Detection. We are not using an Internal Gateway.
We are running GP client 5.2.10. The new VPN configuration seems to connect just fine along with Internal Host Detection working. During our testing we noticed that after the client device (windows 10) is disconnected from the VPN, shutdown, then moved to a local network (wifi) connection and booted up, the GP app displays "connection failed" just prior to the local wifi connection and then 3 or 4 minutes after the wifi connection is established, continues to display this message. My theory is that the GP client is attempting an Internal Host Detection (reverse DNS lookup) at bootup but before the wifi connection gets established, the IHD fails due to no network connection at the time and the GP app displays "connection failed" since the IHD failed. We have waited 3 or 4 minutes after the wifi connection is made and still the same message is displayed. I believe under normal circumstances for a local network connection the GP app should display "internal connection" and the network domain it connected to. If my theory is correct is there a way to delay the Internal Host Detection from occurring or delay the GP service in some way? Any other theories on this or anyone have a similar problem?
So you need to ensure that WIFI access is enabled at a machine level, not user. Theres a windows setting for this.
If the save wifi networks aren't available at the login prompt, you'll have to wait for the user to login then all of the services to start up.
this goes for PSK wifi networks and more importantly ones using 802.1x where you need to ensure its a machine and not user cert.