crankyzz (Aspirant), Nov 20, 2020
Restrict Management access not working
Hi all, hoping someone can help.
I have an M4300-8X8F switch which I have configured the management interface to use the OOB service port. My parent company has passed along a security requirement where the management interfaces should only be accessible from a defined source subnet, which should be easily done in modern switches.
In this switch I have found settings for Access Profile configuration which has the right options for permit and deny IP address or ranges to specific services such as HTTPS/SSH/etc. I have configured a combination of permit and deny rules in an attempt to get any traffic blocked to a management service; however, none of the settings seem to have any effect. The profile seems to have settings for enabled/disabled and I have tried with the enabled setting set.
Has anyone got this working and am I doing something wrong?
Running the latest software 12.0.11.16, but it didn't work on old software either.
Relevant config from the CLI. Can also screenshot from the web interface if needed.
serviceport protocol none
serviceport ip 10.103.113.10 255.255.255.224 10.103.113.30
vlan database
vlan routing 1 1
exit
ip management source-interface serviceport
router rip
exit
router ospf
exit
ipv6 router ospf
exit
!Management ACL
management access-list "MGMT-RESTRICTIONS"
deny ip-source 10.103.127.188 mask 255.255.255.255 service https priority 2
permit ip-source 10.103.87.192 mask 255.255.255.224 service https priority 5
permit ip-source 10.103.127.188 mask 255.255.255.224 service ssh priority 6
exit
management access-class MGMT-RESTRICTIONS
no bonjour run
The deny rule had no effect on access from 10.103.127.188 using HTTPS, and in the web interface it says packets filtered 0.
I also can't seem to find any reference to access profile setup in the documentation.
Thanks
Best I could work out is the ACLs don't apply to networking on the OOB service port, but it's not mentioned in the documentation. I had to change to use a switchport instead.
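As an added illustration (not code from the thread or from NETGEAR), the evaluator below applies the MGMT-RESTRICTIONS rules from the post to a source address and service, so you can see what the list would do if the switch actually enforced it on the interface in question. It assumes that `mask` is a subnet mask rather than a wildcard, that the rule with the lowest priority number is checked first, and that traffic matching no rule is implicitly denied; the "packets filtered 0" counter in the post is the sign that none of this was being applied to the service port.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str      # "permit" or "deny"
    source: str      # ip-source value from the access-list
    mask: str        # assumed to be a subnet mask, not a wildcard mask
    service: str     # https, ssh, ...
    priority: int    # assumed: lower number is evaluated first


# Rules transcribed from the MGMT-RESTRICTIONS list shown in the post.
MGMT_RESTRICTIONS: List[Rule] = [
    Rule("deny",   "10.103.127.188", "255.255.255.255", "https", 2),
    Rule("permit", "10.103.87.192",  "255.255.255.224", "https", 5),
    Rule("permit", "10.103.127.188", "255.255.255.224", "ssh",   6),
]


def rule_network(rule: Rule) -> ipaddress.IPv4Network:
    """Expand ip-source + mask into the network the rule really covers.
    strict=False lets a host address like .188 with a /27 mask resolve to .160/27."""
    return ipaddress.ip_network(f"{rule.source}/{rule.mask}", strict=False)


def matches(rule: Rule, src_ip: str, service: str) -> bool:
    """A rule matches when the service agrees and src_ip lies in the rule's network."""
    return rule.service == service and ipaddress.ip_address(src_ip) in rule_network(rule)


def evaluate(rules: List[Rule], src_ip: str, service: str) -> Tuple[str, Optional[Rule]]:
    """Return (action, matching_rule). First match in priority order wins;
    no match means an implicit deny (assumption, see lead-in)."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if matches(rule, src_ip, service):
            return rule.action, rule
    return "deny", None


if __name__ == "__main__":
    for ip, svc in [("10.103.127.188", "https"), ("10.103.127.188", "ssh"),
                    ("10.103.87.200", "https"), ("10.103.87.224", "https")]:
        action, rule = evaluate(MGMT_RESTRICTIONS, ip, svc)
        hit = f"priority {rule.priority} ({rule_network(rule)})" if rule else "implicit deny"
        print(f"{ip:16} {svc:6} -> {action:6} via {hit}")
```

Note that the third rule, written against the host .188 with a /27 mask, actually covers 10.103.127.160-191, which is the kind of detail the expansion makes visible before you trust the list.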
6 Replies
- DaneA (NETGEAR Employee, Retired)
- schumaku (Guru - Experienced User)
The OOB (out of band!) should never be connected to the production network. The (expensive) solution is maintaining a dedicated network allowing the management plane to remain accessible during network outages or maintenance - we introduced such designs during the 1980s for finance and government networks already. The less expensive version is a dedicated management VLAN where OOB, serial console servers et al. are connected to - undoubtedly much less secure.
I'm not aware that Netgear offers the ability to put up ACLs on the OOB interfaces as e.g. NX-OS (adds much more $$$) allows. LaurentMa?