Not sure if this is relevant or just me reading too much into things. @ptrduffy  not only do you not show a 172 ip address for a BRAS, but you seem to be connecting via routers with  62.x.x.x address whereas it appears that the op and myself connect via 31.x.x.x router. Perhaps different sections of BT customers are configured differently depending on location? I am in the Yorkshire dales if relevant.

This is me thinking out aloud / speculating but:How would BT be able to update the firmware on a SH2 unless they have access to an IP address to trigger the SH2 to look in some way or to directly push the firmware, or the SH2 polls a certain ip address. In any case being on a private network would seem to offer a level of security as those in the Internet would not be able to directly access the private ip address to upload their own firmware, nor hijack the ip address polled by the SH2 if that is how it works. 

@ptrduffy  Are you using a VPN?

@licquorice  - Nope, no VPN here

@countrypaul  - I'm in Glasgow, so a different part of the country from you.  Regarding BT updating hub firmware etc, I believe they are using TR-069 which was designed for that purpose (and I can see TR69 messages in my hub's event log).  That definitely requires a configuration server somewhere in the BT network, so I guess the .201.15 device could be that in some cases.

Thinking about this a bit more, I'd be really surprised at BT using anything in the 192.168.x.y range for any purpose - technically, I could set my home network to use the 192.168.201.y range, which would totally destroy any attempt by BT to use that address range for something else.  (I haven't checked to see if the hub prevents this allocation, as I'm not that curious 😁.)

---

@Sambobwrote:

Naturally I'm concerned about this and am reaching out for any help advice avaivable.

Certainly nothing to worry about.

I used DHCP for most devices and all devices have subnet 255.255.255.0 (/24 subnet) This should mean that communication on my LAN should be locked within the DHCP scope. I've recently done a network audit on my LAN using netscan and have been alarmed by an IP that is present outside of my IP range (192.168.201.15) and is able to communicate with my network. I can see this IP in netscan, however, it doesn't present a MAC address. I am able to ping this address.

Emphasis in bold. What makes you think it can communicate directly with your network? It will be no different to any other device out in the network/on the Internet. Looking at your screenshot, you specified the scope of the scan as 192.168.0.0-192.168.254.254. If you were wanting to limit things to your LAN, then you should have used /24 i.e. 192.168.1.0-192.168.1.254.

In an effort to gain insight, I accessed and reviewed the technical log from my router, which spans back to February 23rd, 2023. My search for occurrences of 192.168.201.15 within this log produced no results. As a result, there are no indications to ascertain whether this IP address serves any purpose linked to the router within the log.

It doesn't. The platform used for remote router configuration/firmware updates etc. wouldn't present itself as a private IP. What you'll be looking at is an interface belonging to one of the BT routers that takes your traffic out to the Internet. The reason everybody won't see this 'behaviour' will be becaue not everybody's traffic is routed the same way.

@bobpullenthanks for the input.

"What makes you think it can communicate directly with your network? It will be no different to any other device out in the network/on the Internet. Looking at your screenshot, you specified the scope of the scan as 192.168.0.0-192.168.254.254. If you were wanting to limit things to your LAN, then you should have used /24 i.e. 192.168.1.0-192.168.1.254."

I discovered 192.168.201.15 when doing a netscan of my subnet, /24 It showed up as if it was on my LAN, which is why I am concerned and believe it may have a broacast address.

The only reason my scan in the screenshot I have provided shows the whole range is because I decided to extend my scannning scope. Also note that this was done via a PC with a /24 subnet, so if 192.168.201.15 was not able to communicated with my LAN, it would not have shown up in the first place?