I have an FWSM that is denying traffic when there is explicit permits in the access-list that is applied to the interface. I have included the relevent config and log information. Does anyone have any ideas?

access-group police in interface police

interface police

ip address police 192.168.253.1 255.255.255.0 standby 192.168.253.2

access-list police remark ***Access to VPN

access-list police extended permit ip any any

access-list police extended permit udp any any

access-list police extended permit esp any any

access-list police extended permit tcp any any

static (inside,police) 10.0.0.0 10.0.0.0 netmask 255.0.0.0

static (police,inside) policenet policenet netmask 255.255.255.0

name 192.168.253.3 police1

name 192.168.253.4 police2

name 192.168.253.5 police3

name 192.168.253.0 policenet

name x.x.x.x policevpn

name x.x.x.x policevpn2

Dec 09 2008 15:26:29: %FWSM-3-106010: Deny inbound udp src police:police1/1040 dst inside:policevpn2/5008

Dec 09 2008 15:26:30: %FWSM-3-106010: Deny inbound udp src police:police1/1040 dst inside:policevpn/5008

Dec 09 2008 15:26:37: %FWSM-3-106010: Deny inbound udp src police:police1/1040 dst inside:policevpn/5008

Dec 09 2008 15:26:45: %FWSM-3-106010: Deny inbound udp src police:police1/1040 dst inside:policevpn2/5008

Dec 09 2008 15:26:45: %FWSM-3-106010: Deny inbound udp src police:police1/1040 dst inside:policevpn2/5008