Assign User Groups to a Gate

Prerequisites:

Create the user group. See Create a Group Using LDAP Queries and Filters.
Make sure a gate is available. See Create a Gate.

In the tree in the left pane, select the group that you want to assign to a gate.

Use the Group / Gate Assignments portion of the screen to specify gate(s) for the group’s users to utilize in order to access a protected resource.
Click Add.
From the Server drop-down list, select the authentication server for the AAA Server protected resource that users in this group can access.
If the group is not already assigned to a server, the Reference server for roaming remains selected and grayed out.

If a group is already assigned to a server, and you are assigning it to another server, you can choose to use roaming (mandatory with synchronous authentication) or to keep both servers as reference servers (possible only with asynchronous authentication).
From the Gate drop-down list, select the gate that users in this group must use to access the server. (Changing the gate automatically updates the Dictionary.)
Optionally, select an Authorization profile (AZ Profile) and/or an Accounting profile (AC Profile) for the server to use with users authenticating via this gate.

Important: If you specify an accounting profile (in the user group or in the gate), you also have to specify the type of accounting log trace (AAA Server database or Standard file) in the events configuration for the server.

If you choose the default setting, <GATE PROFILE>, then the server uses the profile defined for the gate, if any.
Click OK.
Repeat the steps until you have specified all the servers to which users in this group can authenticate, and all the gates they can use to access those servers.
Export data to the server. See Export Data to the AAA Server(s).