The security sample you post requires the router to run IOS image with FW feature (supporting CBAC to be precise).You have better chance of having FW IOS image with something newer like 831 router.
specifically, the line:access-list 100 permit udp any any eq domainwhich should be amended to:access-list 100 permit udp any eq domain any IP inspect maintains a session table for any packets that leave so when it returns from the host on the internet, the router allows it past the ACL.
I redid the config using basic ACL permit/deny statements and the name resolution isn't working. enable secret 5 xxxxxxxxxxxxxxxxenable password 7 xxxxxxxxxxxxxxxx!
I have permit statements for tcp and udp port 53 for DNS but it's still not working. Here's my updated config:version 12.3service timestamps debug uptimeservice timestamps log uptimeservice password-encryptionservice udp-small-serversservice tcp-small-servers! no aaa new-modelip subnet-zerono ip domain lookupip dhcp excluded-address 192.168.126.1!
interface Ethernet1 description Inside interface ip address 192.168.126.1 255.255.255.240 no ip redirects no ip unreachables no ip proxy-arp ip nat inside no ip route-cache ip tcp adjust-mss 1452! interface Serial1 no ip address no ip route-cache shutdown!
ip nat inside source list 1 interface Ethernet0 overloadno ip http serverip classless!!