We are running CBAC on a 2811 route with the following IOS c2800nm-adventerprisek9-mz.12-24.T2 This works fine and allows and blocks the traffic as designed. However if we reboot the router CBAC stops working, to get it working we remove a rule from the ACL and put it back in and CBAC starts allowing traffic. In the same ACL we have a rule to allow ssh, which we use to connect to the router for management, this works fine, as its not using CBAC and doesn't need to be passed out to the public side of the network. This shows that its not an issue with the ACL.
Any help would ba appreciated