Carl this is a little vague what are you using to access the internet and we can help you from there. If it's a pix you should just allow outbound access if its a router you'll have to do a little more with the access-lists to keep a record of outbound traffic.
providing you are referring a pix or a router with firewall feature set (cbac) configured, then no inbound acl is required for internal user to access the internet. the reason being the pix or cbac is capable to permit the so-called return traffic.
assuming you are referring to a router with no firewall feature set but there is an existing inbound acl. then you may need to permit this by permitted any with source port tcp 80. but this is extremely risky.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...