ASA5525-- Many Duplicate TCP SYN

Hello.

Please see below (obfuscated) printout from security monitoring software...

Duplicate TCP SYN from Inside:10.2.1.99/47266 to Inside:10.2.200.46/445 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/15256 to Inside:10.2.200.43/80 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/33535 to Inside:10.2.200.49/135 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/47266 to Inside:10.2.200.55/445 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/13201 to Inside:10.2.200.56/443 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/13201 to Inside:10.2.200.53/443 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/13201 to Inside:10.2.200.40/443 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/34252 to Inside:10.2.200.39/25 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/35397 to Inside:10.2.200.54/23 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/13201 to Inside:10.2.200.37/443 with different initial sequence number
Duplicate TCP SYN from Inside:10.2.1.99/20 to Inside:10.2.200.37/139 with different initial sequence number
--

GIVEN:
-Above data refers to an ASA-5525 with OS Version 9.14(3)

-The source address is a datacenter server. The destination addresses are remote Anyconnect VPN users.
--

QUESTIONS:
What might be causing this symptom?

What is the next troubleshoot step?

Thank you.

39 Replies

Do you agree that all I need to do is remove the existing static route symptomatic ASA? Yes

This enterprise has 3 Anyconnect VPNs. <<- Share the VPN pools of these 3 anyconnect VPNs and share the EIGRP config you use in the ASA.

What exact command would you like to see?

OK, you use redistribute in EIGRP with a prefix list for one VPN pool? Is that right?
Can that prefix list include the three VPN pools, not just one?

Hi MHM.

Rob says...

"if you change that static route to "outside" instead of "inside" you won't get the original issue. The anyconnect pool logically exists on the outside interface.

The guide I previously provided covers this exact scenario, covering the static summary route, prefix, route map, you then redistribute into eigrp. You will then have a single /24 route in the network that won't flap."

Do you agree with this as best solution?

Sorry for the late reply.
NOW
case1
You have an active anyconnect; the routing table will be as below:
v 192.168.1.1/32 OUTside 
s 192.168.1.0/24 OUTside

When traffic comes from the INside to anyconnect .1, which route will the traffic use? The longest, surely, so it will go via OUTside to the anyconnect .1 host.

case2 
You have an inactive anyconnect; the routing table will be as below:
s 192.168.1.0/24 OUTside 
When traffic comes from the INside to anyconnect .1 (inactive), the traffic will use the static route and be sent to OUTside even if there is no active anyconnect to receive this packet...

So it is better to make the ASA drop the packet than fill the OUTside with dummy packets.

That is my view on why you don't need the static route.

Hi MHM

1. If the AD on static route is higher than the AD on dynamic route, but the dynamic route has /32 prefix, which route is selected?

2. If the anyconnect subnet is only used for anyconnect users, then is it true that there is no situation in which a packet will seek to route to the anyconnect subnet when there is no /32 route present? 

@jmaxwellUSAF whether you redistribute a summary /24 for the anyconnect VPN network or hundreds of /32s to the adjacent network devices, they would be pointing to the same destination (the ASA), so it doesn't matter which is preferred. The only benefit of a summary route is you don't have hundreds of /32s in the routing table of adjacent network devices (assuming you don't redistribute the /32s).

If there are no anyconnect users connected to the ASA but there is a summary it's still unlikely there would be traffic destined to the anyconnect pool network routed to the ASA in the first place.

You could always specify the interface as null instead of outside, so therefore anything routed to the ASA that does not have a connected anyconnect user would be dropped, if that is a concern.

In short, removing that static via inside interface resolves your initial issue or recreating that route via outside/null also resolves the initial issue.
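To make MHM's two cases and Rob's outside/null alternatives concrete, here is an added Python simulation of the ASA's longest-prefix-match lookup (example code, not from the thread or from Cisco). The RIB entries, the AD values and the 10.2.200.46 destination are constructed from the thread's pool and route; "hairpinned" stands in for the loop MHM describes when the static points back via Inside.

```python
import ipaddress

# Constructed RIBs in the style of the thread's "v"/"s" entries:
# (prefix, administrative distance, egress interface). "Null0" is a drop route.
# The /32 is given a deliberately WORSE (higher) AD than the /24 static to show
# that prefix length is compared before AD (answers question 1 above).
RIB_CASE1 = [("10.2.200.46/32", 5, "OUTside"),   # active AnyConnect client
             ("10.2.200.0/24", 1, "Inside")]     # the OP's static via Inside
RIB_SYMPTOM = [("10.2.200.0/24", 1, "Inside")]   # client gone, only the static
RIB_FIX_OUTSIDE = [("10.2.200.0/24", 1, "OUTside")]  # Rob: static via outside
RIB_FIX_NULL = [("10.2.200.0/24", 1, "Null0")]       # Rob: static via null


def lookup(rib, dst):
    """Longest-prefix match; AD only breaks ties between equal-length prefixes."""
    ip = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), ad, intf) for p, ad, intf in rib
               if ip in ipaddress.ip_network(p)]
    if not matches:
        return None
    _net, _ad, intf = max(matches, key=lambda m: (m[0].prefixlen, -m[1]))
    return intf


def forward(rib, ingress, dst):
    """What the ASA does with a packet that arrived on `ingress` for `dst`."""
    egress = lookup(rib, dst)
    if egress is None:
        return "no route"
    if egress == "Null0":
        return "dropped"
    if egress == ingress:
        return f"hairpinned back out {egress}"   # sent back where it came from
    return f"forwarded via {egress}"


def scenarios(dst="10.2.200.46"):
    """Run the thread's cases for a packet from the datacenter server on Inside."""
    return {
        "case1 active client, static via Inside": forward(RIB_CASE1, "Inside", dst),
        "case2 client gone, static via Inside": forward(RIB_SYMPTOM, "Inside", dst),
        "static via OUTside (Rob)": forward(RIB_FIX_OUTSIDE, "Inside", dst),
        "static via Null0 (Rob)": forward(RIB_FIX_NULL, "Inside", dst),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The /32 wins in case1 despite its higher AD, and only the symptom RIB sends the packet back out the interface it arrived on.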


Hi MHM. This task is scheduled for execution. (Things take a long time around here.)

You stated... "Do you agree that all I need to do is remove the existing static route symptomatic ASA? Yes"

QUESTION: When I remove this debilitating route, will there be any negative experience for the users on this Anyconnect VPN?-- Will they be kicked off? Will they need to log off then back in to avoid negative symptoms?

Or will the removal of the route give no change in experience at all to the active Anyconnect users?

Thank you.

10.2.200.0 255.255.255.0 [1/0] via 10.2.222.3, Inside

Remove only this.

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/116170-probsol-asa-00.html

I read about the same issue in anyconnect. I think what you face here is a loop of anyconnect disconnect, which makes a loop on the inside of the firewall.

Check the link above; there are four solutions, try one of them.