Cisco AnyConnect configuration

    Cisco AnyConnect Secure Mobility Client is a user-friendly application that creates a VPN tunnel to a VPN headend. By default AnyConnect uses the SSL protocol to encrypt packets (it can also use the IKEv2/IPsec protocols).

     1. Configuring the Cisco AnyConnect image definition:

    webvpn
    enable outside
    anyconnect-essentials
    anyconnect image disk0:/anyconnect-win-4.2.02075-pre-deploy-k9.pkg 1
    anyconnect image disk0:/anyconnect-macosx-i386-4.2.02075-pre-deploy-k9.pkg 2
    anyconnect enable
    tunnel-group-list enable

     2. Creating a local pool for IP addressing of AnyConnect clients:

    ip local pool VPNPOOL 172.21.0.1-172.21.0.254 mask 255.255.255.0

     3. Configuring NAT exemption for VPN traffic:

    nat (inside,outside) source static BB BB destination static VPN VPN

     4. Configuring the group policy definition for use in the tunnel group:

    group-policy admin internal
    group-policy admin attributes
    banner value VPN USERS!
    vpn-tunnel-protocol ssl-client
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value VPNSPLIT
    default-domain value aviumssoltions.com
    split-tunnel-all-dns disable
    address-pools value VPNPOOL
    webvpn
    anyconnect ask enable

     5. Creating the tunnel group definition:

    tunnel-group admin type remote-access
    tunnel-group admin general-attributes
    default-group-policy admin
    tunnel-group admin webvpn-attributes
    group-alias admin enable
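
Steps 3 and 4 reference names (BB, VPN, VPNSPLIT) whose definitions are not shown on this page. The following Python check is an added example, not part of the original configuration: it scans an ASA configuration for the names used by the commands in steps 2 to 5 and reports any that are never defined. The sample input is constructed from the lines above, and the regular expressions are assumptions that cover only these command forms.

```python
import re

# Constructed sample: the configuration lines from steps 2-5 above.
SAMPLE_CONFIG = """\
ip local pool VPNPOOL 172.21.0.1-172.21.0.254 mask 255.255.255.0
nat (inside,outside) source static BB BB destination static VPN VPN
group-policy admin internal
group-policy admin attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPNSPLIT
 address-pools value VPNPOOL
tunnel-group admin type remote-access
tunnel-group admin general-attributes
 default-group-policy admin
"""

# How each kind of named object is defined ...
DEFINITIONS = [
    ("pool", r"^ip local pool (\S+)"),
    ("acl", r"^access-list (\S+)"),
    ("object", r"^object(?:-group)? network (\S+)"),
    ("group-policy", r"^group-policy (\S+) (?:internal|external)"),
]
# ... and how it is referenced by the commands used on this page.
REFERENCES = [
    ("pool", r"^address-pools value (.+)"),
    ("acl", r"^split-tunnel-network-list value (\S+)"),
    ("group-policy", r"^default-group-policy (\S+)"),
]
NAT_RE = re.compile(
    r"^nat \(.*?\) source static (\S+) (\S+) destination static (\S+) (\S+)")

def dangling_references(config: str) -> list[tuple[str, str]]:
    """Return sorted (kind, name) pairs that are referenced but never defined."""
    defined, used = set(), set()
    for ln in map(str.strip, config.splitlines()):
        for kind, pat in DEFINITIONS:
            if m := re.match(pat, ln):
                defined.add((kind, m.group(1)))
        for kind, pat in REFERENCES:
            if m := re.match(pat, ln):
                used.update((kind, name) for name in m.group(1).split())
        if m := NAT_RE.match(ln):
            used.update(("object", n) for n in m.groups()
                        if n not in ("any", "interface"))
    return sorted(used - defined)

if __name__ == "__main__":
    for kind, name in dangling_references(SAMPLE_CONFIG):
        print(f"undefined {kind}: {name}")
```

Run against a full `show running-config` export, an empty result means every pool, split-tunnel ACL, NAT object and group policy named in these commands has a matching definition.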

     

    For quick troubleshooting:

    show vpn-sessiondb anyconnect