Monday, August 6, 2012

Tunnel Mode SSL VPN

interface Loopback252
 description Cisco SSL VPN Client for WebVPN
 ip address 192.168.4.1 255.255.255.0

interface Virtual-Template2
 ip unnumbered Loopback252
 ip nat inside
 ip virtual-reassembly
!

ip local pool ILP_WVPN_CLIENT 192.168.4.100 192.168.4.105

webvpn gateway ssl-gw1
 hostname webvpn1
 ip interface Dialer0 port 443
 ssl trustpoint SSL
 inservice
 !
webvpn install svc flash:/webvpn/sslclient-win-1.1.4.176.pkg sequence 1
 !

webvpn context vpn1
 title "Welcome"
 secondary-color black
 title-color black
 ssl authenticate verify all
 !
 policy group vpn1
   functions svc-enabled
   svc address-pool "ILP_WVPN_CLIENT"
   svc default-domain "cisco.com"
   svc keep-client-installed
   svc split exclude local-lans
   ! this domain will be resolved by the tunnel DNS
   svc split dns "yourLocalDomain.com"
   ! exclude your local network
   svc split exclude 10.0.0.0 255.0.0.0
   svc dns-server primary 192.168.4.1
   svc dns-server secondary 8.8.8.8
 virtual-template 2
 default-group-policy vpn1
 gateway ssl-gw1
 inservice
!
end

P.S. The "svc split exclude" and "svc split include" statements can NOT be used at the same time.
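One way to check a candidate configuration for this before pasting it into the router, as an added example that is not part of the original post. The function names, the "bad-mixed" policy group and the sample text are constructed for illustration.

```python
import re

# Constructed sample, not from a real device: "bad-mixed" uses both split
# modes; "vpn1" uses only exclude, like the configuration above.
SAMPLE_CONFIG = """\
webvpn context vpn1
 policy group bad-mixed
   functions svc-enabled
   svc split include 192.168.4.0 255.255.255.0
   svc split exclude 10.0.0.0 255.0.0.0
 policy group vpn1
   functions svc-enabled
   svc split exclude local-lans
   svc split dns "yourLocalDomain.com"
   svc split exclude 10.0.0.0 255.0.0.0
 default-group-policy vpn1
!
"""

CONTEXT_RE = re.compile(r"^webvpn context (\S+)")
GROUP_RE = re.compile(r"^\s*policy group (\S+)")
SPLIT_RE = re.compile(r"^\s*svc split (include|exclude)\b")


def split_statements(config_text):
    """Map "context/group" to the line numbers of its include/exclude lines."""
    groups, context, current = {}, None, None
    for lineno, line in enumerate(config_text.splitlines(), start=1):
        if (m := CONTEXT_RE.match(line)):
            context, current = m.group(1), None  # no group selected yet
        elif (m := GROUP_RE.match(line)):
            key = f"{context}/{m.group(1)}"
            current = groups.setdefault(key, {"include": [], "exclude": []})
        elif (m := SPLIT_RE.match(line)) and current is not None:
            current[m.group(1)].append(lineno)
    return groups


def mixed_split_groups(config_text):
    """Return only the policy groups that contain both split modes."""
    return {name: modes for name, modes in split_statements(config_text).items()
            if modes["include"] and modes["exclude"]}


if __name__ == "__main__":
    for name, modes in mixed_split_groups(SAMPLE_CONFIG).items():
        print(f"{name}: include at lines {modes['include']}, "
              f"exclude at lines {modes['exclude']}")
```

"svc split dns" lines are deliberately not counted, since the configuration above combines them with "svc split exclude".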

SSL VPN
SSL VPN in IOS 12.4T
Cisco SSL VPN Configuration ( easy / simple example )
Cisco IOS SSL VPN Policy Groups
AnyConnect VPN Client on IOS Router with IOS Zone Based Policy Firewall Configuration Example
Configuring Cisco SSL VPN AnyConnect (WebVPN) on Cisco IOS Routers
