Cisco Any Connect running with a number of people accessing centralised services without any issues bi-directionally. Adding the recommended “ENABLE TRAFFIC BETWEEN TWO OR MORE HOSTS CONNECTED TO THE SAME INTERFACE” should allow a VPN client either SSL or IPSEC to communicate with a peer connecting via the same method. This should also allow inter-communication with an site connected on a LAN-2-LAN terminating on the ASA.
However, add a simple NAT statement to not NAT INSIDE to OUTSIDE and it breaks the inter-communication. The options are remove the NAT or add a NAT statement above it. I worked around this by creating a Network_Object_Group and placing a high level summarised subnet for the SSL clients and all of the LAN-2-LAN sites into it. A NAT statement was then generated placing the src interface as the OUTSIDE and the destination interface as the OUTSIDE and selecting the newly created group for all src and dst translations.
I guess you’d call it a feature . . .