I need help configuring an Access Control List $($ACL$)$ for my Cisco networking project. Here$$s the desired setup:

$1.$ Lab $1,$ Lab $2,$ and Lab $3$ should not be able to ping the Staff network.

$2.$ The Staff network should be able to ping devices in Lab $1,$ Lab $2,$ and Lab $3.$

$3.$ Devices in Lab $1,$ Lab $2,$ and Lab $3$ should be able to communicate $($ping$)$ with each other.

Current Issue:

$$ I have configured the ACL, and it successfully denies traffic from Lab $1,$ Lab $2,$ and Lab $3$ to the Staff network. However:

$$ Devices in the Staff network cannot ping devices in Lab $1,$ Lab $2,$ and Lab $3.$

$$ The ACL is denying all traffic in that direction, even though the intention is to allow it$.$

$$ Additionally, I need confirmation that devices in the lab networks can still ping each other without interference.

I$$m unsure where I went wrong and would appreciate guidance on fixing the ACL configuration.

Current configuration have hsrp ether channel and ospf able. But without acl all able to ping fine.

Current tried acl is

If I am in let say lab $1$ I permit lab $2$ and lab$3$ lastly permit ip any any for the staff. Do let me know if my acl logic is wrong. Or maybe my configuration that might need to troubleshoot.

Vlan $10192\mathrm{.}168\mathrm{.}2\mathrm{.}1/27$ lab$1$

Vlan $20192\mathrm{.}168\mathrm{.}2\mathrm{.}32/27$ lab$2$

Vlan $30192\mathrm{.}168\mathrm{.}2\mathrm{.}64/27$ lab$3$

Vlan $40192\mathrm{.}168\mathrm{.}2\mathrm{.}96/28$ lab$4$