I've currently got a set of servers that all go through a switch and out via an asa firewall.

I know there isn't a problem with port 80 as the servers can navigate to external sites such as google.

Here is a result of a packet-trace:

bt(config)# packet-tracer input inside tcp 10.20.3.148 www 10.20.3.148 www detailed

Phase: 1
Type: CAPTURE
Subtype:
Result: ALLOW
Config:
Additional Information:
 Forward Flow based lookup yields rule:
 in  id=0xca88f500, priority=13, domain=capture, deny=false
        hits=37877223, user_data=0xca88f400, cs_id=0x0, l3_type=0x0
        src mac=0000.0000.0000, mask=0000.0000.0000
        dst mac=0000.0000.0000, mask=0000.0000.0000
        input_ifc=inside, output_ifc=any
Phase: 2
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
 Forward Flow based lookup yields rule:
 in  id=0xcabe35b8, priority=1, domain=permit, deny=false
        hits=18614673, user_data=0x0, cs_id=0x0, l3_type=0x8
        src mac=0000.0000.0000, mask=0000.0000.0000
        dst mac=0000.0000.0000, mask=0100.0000.0000
        input_ifc=inside, output_ifc=any
Phase: 3
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   10.20.3.0       255.255.255.0   inside
Phase: 4
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
 Forward Flow based lookup yields rule:
 in  id=0xcabe4508, priority=111, domain=permit, deny=true
        hits=0, user_data=0x0, cs_id=0x0, flags=0x4000, protocol=0
        src ip/id=0.0.0.0, mask=0.0.0.0, port=0
        dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
        input_ifc=inside, output_ifc=inside
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule

I'm not 100% sure I got that trace correct, should it be inside ip to inside ip or inside ip to outside (or vice versa) ?

I've got the following access-lists in and tried to run a capture but got nothing with regards to serving internal/external ip

access-list cap extended permit ip any host 195.171.9.148
access-list cap extended permit ip host 195.171.9.148 any
access-list cap extended permit ip any host 10.20.3.148
access-list cap extended permit ip host 10.20.3.148 any

Am I missing a rule in the access lists?