There are a few ways to do it. First, you could create a separate Role and Connection Profile for each user. Not great if you have more than a few users. Secondly, if you are doing Radius auth, you can pull the static ip (FRAMED-IP-ADDRESS attribute)from the users radius policy. And lastly, you can input a static ip in each users Active Directory record then use that variable in the Connection Profile. If you are using DHCP instead of statically configuring ip pools you may be able to do something with that but I've never looked into it.
To use the active directory method, you will need to use an LDAP server for authorization (and/or authentication). On the AD server, you will need to define the IP address in one of the attributes available. On the PCS, you will need to go into the LDAP server instance>attributes, and add a new attribute (giving the attribute that is on the AD server) On the VPN Tunneling profile, you will set the IP address as