Due to recent changes in some OS (6.4.9,7.0.1) behavior because of NAT64/NAT46 if using 'IP pool' in SSL VPN web mode firewall policy then it will not work.
As a workaround, configure the secondary IP of the interface which is associated in the SSL VPN setting as the listening interface as the IP used in the 'IP pool'.
This behavior has been fixed in 7.06 and 7.2.1 by introducing the below command option.
# config vpn ssl settings
web-mode-snat Enable/disable use of IP pools defined in firewall policy while using web-mode.
# set web-mode-snat ?
enable Enable use of IP pools defined in firewall policy while using web-mode.
disable Disable use of IP pools defined in firewall policy while using web-mode.
# set web-mode-snat enable
WARNING: IP-pools should be added as Secondary-IP to the SSL-VPN interface.
Related Article: Technical Tip: SSL-VPN Web mode with combination of IP Pools