Mbed TLS is now part of TrustedFirmware.org.

mbedTLS DTLS sample on Windows 10

Aug 26, 2016 17:08
Andy Weston

Hi, I'm working on adding DTLS support to a Windows client program and I'm having trouble getting the dtls_client.c and dtls_server.c samples to connect to each other. My server side is Linux and I am able to get both of the dtls samples running there, in a VM, out of the box ... I do a "git clone" and a "cmake" and the samples run great.

On Windows, I do a "git clone", and use VS2015 to build using the mbedtls.sln file. The dtls_server sample runs fine, however the dtls_client fails with "mbedtls_ssl_handshake returned -0x50" and "Last error was: -80 - NET - Connection was reset by peer".

I turned off firewalls and virus checkers. I have other non-DTLS UDP traffic going out the box so I think I'm ok there. I ran Wireshark and I'm not seeing anything show up for the handshake. I even switched to a different machine and built there and that one hangs at the handshake and eventually times out.

Are there any Windows build flags that I can try? I feel like this is an OS setting, maybe a buffer size? or something? Thanks --Andy

Aug 29, 2016 09:06
Paul Bakker

I ran Wireshark and I'm not seeing anything show up for the handshake

This kind of says it, I guess. Seems like a firewal issue, not something to do with the app you are trying.

Aug 31, 2016 12:48
Andy Weston

Thanks, I found I wasn't seeing Wireshark traffic because I was running on one box. I moved the samples into some Azure VM's and I got some traffic ...



It never seems to respond from the Client Hello. This same code runs fine under Linux. --Andy

Sep 1, 2016 10:27
Paul Bakker

That's probably a Windows UDP quirk then. I don't have any expertise to help you with that. The good news is that it's probably just a UDP issue and not a DTLS issue. So that makes finding examples easier on the internet.

My suggestion would be to find a working UDP example and build on top of that.

Sep 1, 2016 14:29
Andy Weston

Ok, thanks, what I'm chasing now is that the client hello packet is 270 bytes under Windows, which fails. The packet is 216 bytes under Linux, and that works. So something to go on.

Nov 3, 2016 18:06


Did anyone find a solution to this issue? I am having the same problem. The tls example code runs just fine on windows, however the dtls example code does not, it always fails the handshake. However, someone else does have the dtls running on their linux machine.


Nov 4, 2016 02:53
Andy Weston

Hi, in the dtls_server sample, try using your IP address in the call to mbedtls_net_bind() instead of NULL Not sure why but windows doesn't seem to like binding to *

Nov 4, 2016 13:17

Thank you Andy, That worked!