you would need to create a separate rule for each group. for example, create a rule for ContactGroupID 2 as:
Allow if
value: click the lightning bolt and select the SecurityAssist_UserGroupID session variable
Critirea: =
Compare to: 2
then apply that access rule to the client.php page.
same format for the other rules, just change the value entered in the compare to setting.