Hi every one.we have an ASA5520 in our HQ office which users connect to it via remote access vpn with cisco vpn client.i have problem to assigning ip address to users when they connect to ASA.i have configured a Pool for users.also i want to assign specific ip address from pool to speciffic users so i have configured usernames with attributes.

ip local pool 192.168.10.1-192.168.10.254 mask 255.255.255.0

group-policy nins internal

group-policy nina attributes

vpn-tunnel-protocol IPSec

split-tunnel-policy excludespecified

split-tunnel-network-list value split

username user1 password P4tt33SV8TYp encrypted privilege 0

username user1 attributes

vpn-group-policy nina

vpn-framed-ip-address 192.168.10.2 255.255.255.0

this configuration was ok and users get ip address that is configured on user attribute but after i have configured some users with asdm,asdm added some default configuration such as

dynamic-access-policy-record DfltAccessPolicy

group-policy DfltGrpPolicy attributes

vpn-tunnel-protocol IPSec

and now when a user tries to connect it doesnt get ip address configured on user attribute insted asa gives a random ip address from pool.so how can i fix this problem?

i think may be the default DfltGrpPolicy and "dynamic-access-policy-record DfltAccessPolicy" couse this problem?thanks.