Cisco Support Community
Community Member

%DTLS-3-BAD_RECORD: Erroneous record received from

Hi folks, I have seen a couple of posts in the forums that are associated with this message, but most of them discuss APs not joining or something of that nature.

My situation is that I get this error "%DTLS-3-BAD_RECORD: Erroneous record received from.......(duplicate replayed record)" from the logging on my access points even though they are running and connected just fine. I see this on 3502i running on and also on a converted 1200 series AP on the same controller (4404).

I have directed the syslog messages from my access points to my syslog server recently and began noticing many of these in the logs over the past week. Again, the APs are joined and servicing clients, so it seems like a true duplicate packet issue somewhere. The IP address that is referenced in the logs equates to my AP-MANAGER address.

Was just hoping that somebody has seen these before and had some guidance but better yet a fix!  


Community Member


I don't know if this helps any, but I recently had an issue with APs (AIR-LAP1142N-E-K9) trying to join a 5508 controller and they were exhibiting similar behaviour. The answer to my issue was that there was a duplex mismatch in the middle of the path between AP/Controller. The APs were in remote sites connecting back to the HQ and the connection from the Firewall to the Switch had a duplex mismatch. Cisco TAC confirmed that this would be affecting the DTLS connection between AP & Controller.

It was obviously a strange one hence why I've posted this response.
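
Why duplicated frames can log "(duplicate replayed record)" while the AP stays joined: a DTLS receiver keeps a sliding anti-replay window over record sequence numbers (RFC 6347, section 4.1.2.6) and silently drops any record whose number it has already accepted. The sketch below is an added example, not part of the thread and not Cisco's code; the 64-record window, the names and the sample sequence are assumptions.

```python
# Added illustration of the DTLS anti-replay window (RFC 6347, section 4.1.2.6).
# Real DTLS tracks a 48-bit sequence number per epoch and only updates the
# window after the record's MAC verifies; here every record is assumed valid.
WINDOW = 64  # assumed size; the RFC requires at least 32 and prefers 64


class ReplayWindow:
    def __init__(self):
        self.top = -1     # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence number (top - i) was accepted

    def check_and_update(self, seq):
        """Classify one received record as 'ok', 'duplicate' or 'too_old'."""
        if seq > self.top:
            # New highest number: slide the window forward and mark it seen.
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
            return "ok"
        offset = self.top - seq
        if offset >= WINDOW:
            return "too_old"          # fell off the left edge of the window
        if self.bitmap & (1 << offset):
            return "duplicate"        # already accepted: dropped and logged
        self.bitmap |= 1 << offset    # late but new: reordering is tolerated
        return "ok"


def classify(seqs):
    """Run a list of received sequence numbers through one window."""
    win = ReplayWindow()
    return [(s, win.check_and_update(s)) for s in seqs]


# Constructed arrival order: record 3 is delivered twice (a duplicated frame),
# record 5 arrives after 6 (reordering), record 2 shows up again, and an old
# record 3 arrives after the window has moved on to 70.
SAMPLE = [0, 1, 2, 3, 3, 4, 6, 5, 2, 70, 3]

if __name__ == "__main__":
    for seq, verdict in classify(SAMPLE):
        print(f"seq={seq:3d} -> {verdict}")
```

Only the second copy of a record is discarded, so the session itself is unaffected; a steady stream of such drops points at something in the path delivering frames twice rather than at the DTLS endpoints.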


