Gateway users require a gateway authenticator to be configured to allow users to be authenticated using a different server. This is a feature of the Enterprise MFT only of CompleteFTP.
A gateway authenticator is an authentication extension that authenticates user attempting to log in via another server, using whatever protocol is selected. When the user details are received in CompleteFTP, a login attempt to the remote server is attempted using the supplied credentials.
To configure a gateway authenticator, select "General user settings" link from the Users tab. "Gateway" is listed amongst "Other authentication methods", and has a "Configure" link that must be selected (below).
This brings up the "Gateway configuration" dialog box which allows the addition and removal of gateways (shown below). Multiple gateways can be configured, meaning multiple different machines can be tried for authentication, in the order in which they are listed.
There are both "Basic" and "Advanced" connection properties to be configured for each gateway. Usually the basic properties are all that is required - the protocol, the server address and port, and optionally the initial directory to change to on the remote machine.
If the basic settings are not sufficient, the advanced settings should be examined. These include character encoding; connection settings such as proxies, timeouts and active and passive settings; directory listing settings such as caching of listings; and transfer settings. These settings permit a fine degree of configuration control over a gateway authenticator.
If SFTP with public key authentication is required and the users' public keys are to be stored on the remote server then the remote server must (1) be a CompleteFTP server, (2) have SFTP enabled and (3) have the password authentication method enabled. Even though password authentication must be enabled on the remote server, the user is indeed verified on that server via their public key.