block ssh to a svi

Frame43
Level 1

I have an SVI (10.194.82.6/24) that's used for management of switch P (VLAN 82). The same VLAN is used for management of other switches.

I have to block all SSH access to this SVI of switch P only, except from the 10.180.4.0/24 and 10.180.6.0/24 networks.

I have tried:

ip access-list extended vty01
 permit tcp 10.180.4.0 0.0.0.255 10.194.82.6 0.0.0.0 eq 22
 permit tcp 10.180.6.0 0.0.0.255 10.194.82.6 0.0.0.0 eq 22
!
interface vlan 82
 ip access-group vty01 in

but it still seems to allow SSH. What am I doing wrong?

9 Replies

Dennis Mink
VIP Alumni

Create an access-class instead and add it to your line vty 0 x.

This link has easy steps on how to configure it:

http://www.omnisecu.com/cisco-certified-network-associate-ccna/how-to-create-and-configure-access-control-lists-for-vty-lines-telnet-ssh.php

cheers


cofee
Level 5

Hello,

Where are these two networks, 10.180.4.0/24 and 10.180.6.0/24, located? Do they hang off the same switch on which you configured the access-list? If so, then try this; let's say the SVI for 10.180.4.0/24 is SVI 4 and for the other network it is SVI 6.

ip access-list extended vty01_SVI4
 permit tcp 10.180.4.0 0.0.0.255 10.194.82.6 0.0.0.0 eq 22
!
ip access-list extended vty01_SVI6
 permit tcp 10.180.6.0 0.0.0.255 10.194.82.6 0.0.0.0 eq 22
!
interface vlan 4
 ip access-group vty01_SVI4 in
!
interface vlan 6
 ip access-group vty01_SVI6 in

If my assumption about your topology is incorrect then please share the details. Just remember it's always better to apply the access-list closest to the source. I hope it helps you.

 

These two networks are not on the switch. These are two networks that should be able to connect to the SVI via SSH, and any other networks shouldn't be able to SSH into it.

 

Thanks

Also one more question. Why do we write the wildcard as 0.0.0.0 if the SVI is 10.180.6.0/24? Shouldn't it be 10.180.6.0 0.0.0.255? I may be wrong but I want to know the difference.

Why do we write the wildcard as 0.0.0.0 if the SVI is 10.180.6.0/24? Shouldn't it be 10.180.6.0 0.0.0.255? I may be wrong but I want to know the difference:

Access-lists use an inverse mask or wildcard mask, which is a mask of bits that indicates which parts of an IP address are available for examination.

To calculate the wildcard mask or inverse mask you subtract the original mask from 255.255.255.255. Let's use this method to get the wildcard mask for 10.180.6.0/24:

  255.255.255.255
- 255.255.255.0      (/24)
-----------------
  0.0.0.255

0.0.0.255 will be the correct wildcard mask for 10.180.6.0/24, and not 0.0.0.0; a wildcard mask of 0.0.0.0 represents a host address where all bits are turned on and must match. I hope this makes sense.

 

Back to your original problem. You mentioned that the networks you want to allow remote access to the switch over port 22 (SSH) should work with the access-list you have configured, but the direction under SVI 82 should be outbound and not inbound, since incoming traffic from these two networks arrives on another interface of this switch and exits (out) from the virtual VLAN interface, which is VLAN 82. But applying ACLs on the SVI to control VTY access to the local switch may not be a good idea, because it will make things more complex and you would need to add more lines to the ACL so you don't block any other traffic.

 

You can also apply this ACL to the physical interface on the switch in the inbound direction, but as I mentioned above it may not be a good idea, because it makes things more complicated, and if you are not careful it can affect legitimate traffic and cause an outage that may affect all kinds of traffic and not just the remote access to the switch. On the other hand, when you apply ACLs just under the line vty as Dennis suggested, it can only affect remote access to the switch and not anything else.

 

The configuration below can be used to achieve your goal:

access-list 20 permit 10.180.4.0 0.0.0.255
access-list 20 permit 10.180.6.0 0.0.0.255
access-list 20 deny any
!
line vty 0 4
 access-class 20 in
!
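An added example (not code from any poster in this thread) that carries the subtraction above through in code and then evaluates access-list 20 against a few constructed source addresses with the first-match rule an access-class applies, including the implicit deny when no entry matches:

```python
"""Wildcard-mask arithmetic and first-match ACL evaluation (constructed example)."""
import ipaddress
from dataclasses import dataclass


def wildcard_from_prefix(prefix_len: int) -> str:
    """255.255.255.255 minus the subnet mask, exactly as the column subtraction above."""
    mask = int(ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}").netmask)
    return str(ipaddress.IPv4Address(0xFFFFFFFF - mask))


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """A 0 bit in the wildcard must match the base address; a 1 bit is ignored.

    So 10.194.82.6 0.0.0.0 matches only that host, while 10.180.6.0 0.0.0.255
    matches the whole /24.
    """
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    care = ~w & 0xFFFFFFFF          # bits the ACL entry actually examines
    return (a & care) == (b & care)


@dataclass
class Ace:
    action: str      # "permit" or "deny"
    base: str
    wildcard: str


# Constructed: the standard ACL 20 from the reply above, as applied with access-class.
ACL_20 = [
    Ace("permit", "10.180.4.0", "0.0.0.255"),
    Ace("permit", "10.180.6.0", "0.0.0.255"),
    Ace("deny", "0.0.0.0", "255.255.255.255"),   # 'deny any' (same as the implicit default)
]


def evaluate(acl, src: str) -> str:
    """First matching entry wins; if nothing matches, IOS applies the implicit deny."""
    for ace in acl:
        if wildcard_match(src, ace.base, ace.wildcard):
            return ace.action
    return "deny"
```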


We aren't using VTY lines for some specific reason.

This is the management VLAN.

What interface do you mean when you say traffic arrives on another interface and exits out VLAN 82?

My assumption was that since it is the management VLAN, traffic comes to the management VLAN first, and that's why we are planning on blocking the traffic from entering the switch via port 22.

 

Can you provide a traceroute output sourcing from 10.180.4.0/24 or 10.180.6.0/24 to management address on the switch?

I asked for traceroute so I could look at the traffic flow. It's possible that your ACL is working, but there may be another way for other networks to get in and remotely access the switch, so once you implement the ACL run a traceroute from the source network that should be blocked by the ACL and that would reveal whether it's a routing issue or the ACL.

 

If that's not the case then try implementing both in or out and see which one works. If none of this works then please provide a drawing of your network so we can see how the traffic flows.

 

Deepak Kumar
VIP Alumni

Hi,

Try the commands below.

 

If you want to apply VLAN filter:

 

access-list 101 permit ip 10.180.4.0 0.0.0.255 host 10.194.82.6
access-list 101 permit ip 10.180.6.0 0.0.0.255 host 10.194.82.6
!
access-list 102 permit ip any any
!
vlan access-map test 10
 match ip address 101
 action forward
!
vlan access-map test 20
 match ip address 102
 action drop
!
vlan filter test vlan-list 82

 

 

If you want to apply an ACL on VTY lines:

 

ip access-list extended SSH-ACL-Allowed
 permit ip 10.180.4.0 0.0.0.255 any log
 permit ip 10.180.6.0 0.0.0.255 any log
!
line vty 0 4
 access-class SSH-ACL-Allowed in

 

Regards,

Deepak Kumar
