The PIX is a stateful firewall and your 3750 is not. So when you allow traffic out through the PIX from your clients to the internet, the return traffic is automatically allowed back in because your firewall is keeping track of the connections.
But on your ACL applied to the 3750 the last line is -
access-list 103 deny ip any any
This stops all return traffic from the internet being allowed in to your clients because the 3750 is not stateful. And there really isn't a way to make it stateful. You can -
1) use the "established" keyword for TCP connections, which would allow TCP packets back in.
2) use reflexive access-lists, which would also cater for ICMP and UDP, but I don't think the 3750 will support reflexive ACLs.
To be honest you probably should just wait for your pix to be replaced because to allow your internal clients internet access would mean compromising the security of your network.
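The difference described in the answer above, as an added example that is not part of the original post: a small model comparing the ACL ending in "deny ip any any", the same ACL with a TCP "established" entry in front of it, and a connection-tracking firewall. The addresses, ports and function names are constructed for illustration, and the stateful model only tracks 5-tuples, which is a simplification of what a PIX does.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str                      # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()  # TCP flags, e.g. {"SYN", "ACK"}

def acl_103(pkt, established=False):
    """Inbound ACL on the switch: each packet is judged on its own."""
    # permit tcp any any established: matches any segment with ACK or RST set
    if established and pkt.proto == "tcp" and pkt.flags & {"ACK", "RST"}:
        return True
    return False                    # access-list 103 deny ip any any

class StatefulFirewall:
    """Remembers outbound flows and admits only their mirrored replies."""
    def __init__(self):
        self.conns = set()
    def outbound(self, p):
        self.conns.add((p.proto, p.src, p.sport, p.dst, p.dport))
    def inbound(self, p):
        return (p.proto, p.dst, p.dport, p.src, p.sport) in self.conns

CLIENT = "10.0.0.5"                 # constructed sample traffic
OUT = [Packet("tcp", CLIENT, 50000, "203.0.113.10", 443, frozenset({"SYN"})),
       Packet("udp", CLIENT, 50001, "203.0.113.53", 53)]
IN = {
    "tcp_reply": Packet("tcp", "203.0.113.10", 443, CLIENT, 50000,
                        frozenset({"SYN", "ACK"})),
    "udp_reply": Packet("udp", "203.0.113.53", 53, CLIENT, 50001),
    # ACK segment that answers no connection any client opened
    "stray_ack": Packet("tcp", "198.51.100.7", 443, CLIENT, 50000,
                        frozenset({"ACK"})),
}

def compare():
    fw = StatefulFirewall()
    for p in OUT:
        fw.outbound(p)
    return {name: {"deny_only": acl_103(p),
                   "established": acl_103(p, established=True),
                   "stateful": fw.inbound(p)} for name, p in IN.items()}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```

The "established" column admits the TCP reply but not the UDP reply, and it also admits the stray ACK, because the keyword tests header bits rather than tracking connections.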
This is actually a pretty cool feature; I didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk) only if a certain condition existed. This is exactly what conditional advertisement does.
I have a question: I bought a Cisco 887VA-k9 router and configured it with the configuration below.
If I connect it directly to my laptop on one of its ports, it works and everything is fine (the internet connection + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.