What makes you think the addresses are incorrect? Not everyone allows VPN connections directly to their primary network, nor does everyone have a flat address scheme.
Our network uses 172.16 addresses at HQ and 172.17-18 at remote sites.. we have several security tiers with distinct VLANs. The VPN endpoints are in a 10.0.0.x network so they don't conflict with anything and can be quarrantined as necessary. The DMZ subnets are in 192.168.x.x range.
As to the actual problem.. what you are saying either is in conflict or is incomplete..
You have a main office using 192.168.x.0 network(s).
You have branch offices using 192.168.Y.0 networks, where "Y" represents one or more remote locations. RIGHT??
The branch locations have a network, right? Is the branch connected to the main office via a Site-Site VPN, or do individual users use VPN to connect?
If you have a Site-Site VPN, the user's would have no clue as to the VPN addresses as they would have only local IPs, and your subnet detection running on the client workstations would work properly.
If you're running some individual VPN connections, they would be treated differently and get a random VPN address. The local address would basically be meaningless, and would depend on where they were connecting from (home, StarBux, etc). You might be able to assign static VPN addresses and look them up based on that.
You need to better describe your environment before we can provide accurate answers. What kind of VPN (MS, Cisco, other).. Individual or Site-Site, etc..
Glenn
_________________________
Actually I
am a Rocket Scientist!
