This isn't really a problem, I more than anything am trying to understand. The network I inherited and work on with another tech who built it is primarily Meraki. There are about 35 sites that interconnect with Meraki's site to site VPN's setup with all the endpoints running as Hub (Mesh).
The client vpn's use the native windows client. They connect to one of the sites that actually isn't the primary location which I suppose doesn't matter.
Recently I was looking into a different issue and ran a tracert from my off-prem client machine connected to the VPN. I somewhat understand that this wouldn't provide a lot of info because it should only show the hops in between the site I'm connected to and the destination ip\device.
That said, it is showing a hop of 192.168.100.1.
What is weird is that is a subnet not in use anywhere in the organization. It's not in any ARP or Route tables on ANY of the sites networks. The 'modem' of the site the client vpn connects to is one of those ATT modems that is the modem\router\wifi ap all in one jobs but IP-Passthorugh is configured.
Though I got here troubleshooting a lot of dropped packets and interruption of the site-to-site vpn in the Meraki log. It turns out it was the secondary internet which is a cellular cradlepoint. The other tech shut that interface down and the issues cleared up but I still see that 'unknown' hop. The other tech said that was the end point at our corp location where the machine I was tracerting to is located and said that hop with the unknown subnet was that endpoint but that endpoint is on 192.168.15.0. which to me doesn't make any sense.
So I'm really just trying to figure out why that unknown subnet is a hop, for my own edification.
Thank you for reading. I appreciate any help understanding this better.