diff --git a/apps/assets/models/asset/host.py b/apps/assets/models/asset/host.py
index 46aeed4f3..a1dbb6de3 100644
--- a/apps/assets/models/asset/host.py
+++ b/apps/assets/models/asset/host.py
@@ -3,7 +3,6 @@ from .common import Asset
 
 
 class Host(Asset):
-    pass
 
     @classmethod
     def get_gateway_queryset(cls):
diff --git a/apps/assets/models/domain.py b/apps/assets/models/domain.py
index bf33caed6..248e02f20 100644
--- a/apps/assets/models/domain.py
+++ b/apps/assets/models/domain.py
@@ -13,8 +13,9 @@ from django.utils.translation import ugettext_lazy as _
 from common.db import fields
 from common.utils import get_logger, lazyproperty
 from orgs.mixins.models import OrgModelMixin
+from assets.models import Host
 from .base import BaseAccount
-from ..const import SecretType, GATEWAY_NAME
+from ..const import SecretType
 
 logger = get_logger(__file__)
 
@@ -37,7 +38,7 @@ class Domain(OrgModelMixin):
 
     @lazyproperty
     def gateways(self):
-        return self.assets.filter(platform__name=GATEWAY_NAME, is_active=True)
+        return Host.get_gateway_queryset().filter(domain=self, is_active=True)
 
     def select_gateway(self):
         return self.random_gateway()
diff --git a/apps/assets/serializers/domain.py b/apps/assets/serializers/domain.py
index 37d17c814..64c8c032c 100644
--- a/apps/assets/serializers/domain.py
+++ b/apps/assets/serializers/domain.py
@@ -1,28 +1,33 @@
 # -*- coding: utf-8 -*-
 #
 from rest_framework import serializers
+from rest_framework.generics import get_object_or_404
 from django.utils.translation import ugettext_lazy as _
 
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from common.drf.serializers import SecretReadableMixin
-from ..models import Domain, Asset
+from common.drf.fields import ObjectRelatedField, EncryptedField
+from assets.const import SecretType
+from ..models import Domain, Asset, Account
+from ..serializers import HostSerializer
+from .utils import validate_password_for_ansible, validate_ssh_key
 
 
 class DomainSerializer(BulkOrgResourceModelSerializer):
     asset_count = serializers.SerializerMethodField(label=_('Assets amount'))
     gateway_count = serializers.SerializerMethodField(label=_('Gateways count'))
+    assets = ObjectRelatedField(
+        many=True, required=False, queryset=Asset.objects, label=_('Asset')
+    )
 
     class Meta:
         model = Domain
         fields_mini = ['id', 'name']
-        fields_small = fields_mini + [
-            'comment', 'date_created'
-        ]
-        fields_m2m = [
-            'asset_count', 'assets', 'gateway_count',
-        ]
-        fields = fields_small + fields_m2m
-        read_only_fields = ('asset_count', 'gateway_count', 'date_created')
+        fields_small = fields_mini + ['comment']
+        fields_m2m = ['assets']
+        read_only_fields = ['asset_count', 'gateway_count', 'date_created']
+        fields = fields_small + fields_m2m + read_only_fields
+
         extra_kwargs = {
             'assets': {'required': False, 'label': _('Assets')},
         }
@@ -36,20 +41,86 @@ class DomainSerializer(BulkOrgResourceModelSerializer):
         return obj.gateways.count()
 
 
-class GatewaySerializer(BulkOrgResourceModelSerializer):
-    is_connective = serializers.BooleanField(required=False, label=_('Connectivity'))
+class GatewaySerializer(HostSerializer):
+    password = EncryptedField(
+        label=_('Password'), required=False, allow_blank=True, allow_null=True, max_length=1024,
+        validators=[validate_password_for_ansible], write_only=True
+    )
+    private_key = EncryptedField(
+        label=_('SSH private key'), required=False, allow_blank=True, allow_null=True,
+        max_length=16384, write_only=True
+    )
+    passphrase = serializers.CharField(
+        label=_('Key password'), allow_blank=True, allow_null=True, required=False, write_only=True,
+        max_length=512,
+    )
+    username = serializers.CharField(
+        label=_('Username'), allow_blank=True, max_length=128, required=True,
+    )
 
-    class Meta:
-        model = Asset
-        fields_mini = ['id']
-        fields_small = fields_mini + [
-            'address', 'port', 'protocol',
-            'is_active', 'is_connective',
-            'date_created', 'date_updated',
-            'created_by', 'comment',
+    class Meta(HostSerializer.Meta):
+        fields = HostSerializer.Meta.fields + [
+            'username', 'password', 'private_key', 'passphrase'
         ]
-        fields_fk = ['domain']
-        fields = fields_small + fields_fk
+
+    def validate_private_key(self, secret):
+        if not secret:
+            return
+        passphrase = self.initial_data.get('passphrase')
+        passphrase = passphrase if passphrase else None
+        validate_ssh_key(secret, passphrase)
+        return secret
+
+    @staticmethod
+    def clean_auth_fields(validated_data):
+        username = validated_data.pop('username', None)
+        password = validated_data.pop('password', None)
+        private_key = validated_data.pop('private_key', None)
+        validated_data.pop('passphrase', None)
+        return username, password, private_key
+
+    @staticmethod
+    def create_accounts(instance, username, password, private_key):
+        account_name = f'{instance.name}-{_("Gateway")}'
+        account_data = {
+            'privileged': True,
+            'name': account_name,
+            'username': username,
+            'asset_id': instance.id,
+            'created_by': instance.created_by
+        }
+        if password:
+            Account.objects.create(
+                **account_data, secret=password, secret_type=SecretType.PASSWORD
+            )
+        if private_key:
+            Account.objects.create(
+                **account_data, secret=private_key, secret_type=SecretType.SSH_KEY
+            )
+
+    @staticmethod
+    def update_accounts(instance, username, password, private_key):
+        accounts = instance.accounts.filter(username=username)
+        if password:
+            account = get_object_or_404(accounts, SecretType.PASSWORD)
+            account.secret = password
+            account.save()
+        if private_key:
+            account = get_object_or_404(accounts, SecretType.SSH_KEY)
+            account.secret = private_key
+            account.save()
+
+    def create(self, validated_data):
+        auth_fields = self.clean_auth_fields(validated_data)
+        instance = super().create(validated_data)
+        self.create_accounts(instance, *auth_fields)
+        return instance
+
+    def update(self, instance, validated_data):
+        auth_fields = self.clean_auth_fields(validated_data)
+        instance = super().update(instance, validated_data)
+        self.update_accounts(instance, *auth_fields)
+        return instance
 
 
 class GatewayWithAuthSerializer(SecretReadableMixin, GatewaySerializer):
diff --git a/apps/authentication/migrations/0015_alter_connectiontoken_login.py b/apps/authentication/migrations/0015_alter_connectiontoken_login.py
new file mode 100644
index 000000000..f2c6abecb
--- /dev/null
+++ b/apps/authentication/migrations/0015_alter_connectiontoken_login.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.14 on 2022-11-23 02:26
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0014_auto_20221122_2152'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='connectiontoken',
+            name='login',
+            field=models.CharField(max_length=128, verbose_name='Login account'),
+        ),
+    ]