Hi Simon,
The preffered method to assign IPs to the dialup users is an IP pool on the FW. The IP assignment is a part of XAUTH.
The local IP can also be used but this is not a good approach, especially if you have multiple users which may have overlapping local addressing or use many different IP networks.
You can decide if the users always get the same IPs or different pool IPs in a round-robin manner. In any case you have a full control over addressing and routing, if an IP pool is used.
Neither 0.0.0.0 nor 255.255.255.255 can be assigned and this is not required.
You should configure the remote networks under the Split Tunneling section on the NCP client. These might be in your case 192.168.1.0/24 and 2.2.2.2/32 (2.2.2.2/255.255.0.0 is incorrect, unless you mean 2.2.0.0/255.255.0.0).
The matching Proxy IDs on the FW are:
255.255.255.255/32 - 192.168.1.0/24
255.255.255.255/32 - 2.2.2.2/32
The 255.255.255.255/32 means here something like "any single IP seen through the tunnel".
The access policies should be configured with the assigned IPs rather than 255.255.255.255/32.
An excelent step-by-step NCP configuration guide is here:
http://www.ncp-e.com/fileadmin/pdf/service_support/NCP_QuickInstallationGuide-NCPwithJuniperScreenOS.pdf
Just ignore what is said regarding the policy based VPN.