I am try to set up Lock and Key ACLs on dialer interfaces on a 2610. I want it for outbound traffic. Everything looks ok. However, when I telnet to the dialer interfaces IP and log in I get a message saying:

No input access group defined for Ethernet0/0.

What little information I can find on Lock and Key indicates you can put the ACL on any interface in or out. I am missing something here? Here is the part of my configuration that addresses the Key and Lock ACL.

Current configuration : 29521 bytes

!

version 12.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname router

username testuser password testpass

!

interface Ethernet0/0

ip address 192.168.1.3 255.255.255.248

ip nat inside

half-duplex

no cdp enable

!

interface Group-Async1

no ip address

encapsulation ppp

dialer in-band

dialer pool-member 1

async mode dedicated

ppp authentication chap

group-range 33 40

!

interface Dialer1

description testdial

ip address 172.20.11.10 255.255.255.240

ip access-group 102 out

ip nat outside

dialer pool 1

dialer remote-name remotesite

dialer idle-timeout 45000

dialer string 628

dialer-group 1

no cdp enable

access-list 102 remark Testing Dynamic ACL

access-list 102 dynamic testacl timeout 120 permit ip any any log

access-list 102 permit tcp any host 172.20.11.10 eq telnet

access-list 102 deny ip any any log

line vty 0 4

password termpass

login local

autocommand access-enable timeout 5

end

Thanks Much!!!

Chuck Glover