Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Tim,Everything looks fine in your ACE and it sure should work. Why dont you raise a case with Cisco TAC (technical assistance center), a TAC engineer would help you out. Meanwhile, you could try using the following ACEs -access-list 112 deny tcp any ...
Yes, since patch 3 consolidates patch 1 and patch 2, you could install patch 3 to solve this problem. You can find the release notes for patch 3 at http://www.cisco.com/en/US/partner/products/sw/cscowork/ps402/prod_release_note09186a00800e9580.html