access-class 1 in & out - i cannot telnet to all routers

hi

question 1.  i cannot telnet from machine 192.168.3.2/24  ?

task:  i would like only 192.168.3.2 telnet access (in/out of all routers)

steps taken:  i have attempted multiple different configurations but cannot seem to get it right.

                pc
    192.168.3.2/24
                |
         main-hub
      ______|_________
     |                        |
sanjose1/       sanjose2/
branch1         branch2

vista-main-hub:

access-list 1 remark (snmp remote management)
access-list 1 permit 192.168.3.2 log
!
line vty 0 4
 access-class 1 in
 access-class1 out
 password cisco1
 logging synchronous
 login local

sanjose1/branch1

access-list 1 remark (snmp remote management)
access-list 1 permit 192.168.3.2 log
!
line vty 0 4
 access-class 1 in
 access-class1 out
 password cisco1
 logging synchronous
 login local

sanjose2/branch2

!
access-list 1 remark (snmp remote management)
access-list 1 permit 192.168.3.2 log
!
line vty 0 4
 access-class 1 in
 access-class1 out
 password cisco1
 logging synchronous
 login local
vista-main-hub
sanjose1-branch1
sanjose2-branch2