I have put an access list on the serial sub interface to block addresses from Asia Pacific, but when I check my internal logs I am seeing that they are still coming through. Here is my access list setup.

!

interface Serial0/0.1 point-to-point

description connected to Internet

ip address 67.x.x.x 255.255.255.252

ip access-group 2 in

ip nat outside

frame-relay interface-dlci 606

!

access-list 2 deny 67.117.54.0

access-list 2 deny 131.171.48.0

access-list 2 deny 67.92.0.0

access-list 2 deny 67.40.82.0

access-list 2 deny 61.0.0.0

access-list 2 deny 67.113.86.0

access-list 2 deny 62.199.133.0

access-list 2 deny 67.104.151.0

access-list 2 deny 194.0.0.0

access-list 2 deny 202.0.0.0

access-list 2 deny 203.0.0.0

access-list 2 deny 210.0.0.0

access-list 2 deny 67.17.128.0

access-list 2 deny 211.0.0.0

access-list 2 deny 212.0.0.0

access-list 2 deny 67.105.254.0

access-list 2 deny 213.0.0.0

access-list 2 deny 67.92.202.0

access-list 2 deny 218.0.0.0

access-list 2 deny 219.0.0.0

access-list 2 deny 220.0.0.0

access-list 2 deny 221.0.0.0

access-list 2 deny 216.35.10.0

access-list 2 deny 61.134.74.0

access-list 2 deny 213.35.0.0

access-list 2 permit any

What could be wrong with my setup?

Thanks for any help

Todd