I have set up the ASA as VPN Server (SSL). Everything works great. I can reach every office network and also the Internet.
Now I noticed that on our old network, the configuration was different. When we connected over the old VPN (IPsec), and we browsed the Internet, we didn't use the tunnel to our router. We used the Internet of our Client.
In other words, we didn't appear with the outside IP address from the office router to the Internet, we appeared with our own IP address (from my home).
I googled, but I don't find the correct configuration tutorial. Maybe I'm looking wrong. What I need is Split tunneling.
Best Answer
You can define an ACL and apply the ACL under the group policy using the split tunnel value command. You can then apply the group policy to the tunnel group.
It's explained in the documentation here:
http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/119006-configure-anyconnect-00.html#anc13
Below will tunnel traffic only for the 10.10.0.0/16 network.
If you open your anyconnect client when connected and click the cog (advanced properties) and click on the route details tab you will see 10.10.0.0/16 as a secured route and 0.0.0.0/0 as an unsecured route.