Beginner ACL/school issue...

Attached is my topology....

I want to prevent the 10.1.1.0 network from being able to reach

the 10.3.1.0 network, this I had accomplished in the ACL.

However I though I should be able to ping from the R3 network over to the

R1 network, I am unable too. Why is this?

Here is my parts of my config and ACL...

R2#sh run int s0/0

Building configuration...

Current configuration : 160 bytes

!

interface Serial0/0

ip address 10.1.0.2 255.255.255.0

ip access-group LAN_R1_PREVENT in

ip accounting output-packets

ip accounting access-violations

end

------------------------

R2#sh access-l

Extended IP access list LAN_R1_PREVENT

10 permit ospf any any log (77 matches)

20 deny icmp 10.1.1.0 0.0.0.255 10.3.1.0 0.0.0.255 log (17 matches)

30 permit icmp any any log (4 matches)

40 permit icmp any any echo-reply

50 permit icmp any any time-exceeded

60 permit icmp any any packet-too-big

70 deny ip 10.1.1.0 0.0.0.255 10.3.1.0 0.0.0.255 log

80 deny ip any any

90 deny tcp any any

100 deny udp any any

-------------------------

I am going to speculate that (when pinging from PC3) the packet is making to the 10.1.1.0 network but

is unable to make it back to the pinging host due to the ACL, is this correct?

Note that when I take down the ACL the pings work just fine.

Here is the output on R2 when I attempt to ping from 10.3.1.1:

*Mar 1 07:10:54.379: %SEC-6-IPACCESSLOGDP: list LAN_R1_PREVENT denied icmp 10.1.1.1 -> 10.3.1.254 (8/0), 4 packets

From PC3 I can ping all the way up to 10.1.0.1

Thank you

Jimmy