Yes, it is possible to run outbound connections to vpn clients. Not only does the vpn gateway have to allow those outbound connections on the local-lan link that unencrypted packets pass, but the cisco vpn client cannot be running the stateful firewall in active mode. A check mark will appear by the stateful firewall option in the vpn options if it is active.
Note that unless that client will always get assigned the same ip address, you would have to configure the gateway to allow outbound connections to the pool, since it won't know beforehand which client is running the ssh service. So there is security risk, but it can be accomplished.
You do not need to run ssh on the vpn gateway since the ssh is an end-to-end session between the vpn client and an internal network host.
Let me know if you need more help.