diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 7f073afba..8e3161c3d 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1337,7 +1337,7 @@ void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
 
 /**
  * \brief           Set the transport type (TLS or DTLS).
- *                  Default: TLS
+ *                  Default: TLS if both are enabled, or DTLS.
  *
  * \note            For DTLS, you must either provide a recv callback that
  *                  doesn't block, or one that handles timeouts, see
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b61453fe5..9afcc96e8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -10216,6 +10216,10 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
 void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
 {
     memset( conf, 0, sizeof( mbedtls_ssl_config ) );
+
+#if !defined(MBEDTLS_SSL_PROTO_TLS)
+    conf->transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+#endif
 }
 
 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 646909f11..fc601ecd6 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -43,14 +43,15 @@
     !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
     !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
     !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
-    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
+    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
+    !defined(MBEDTLS_SSL_PROTO_TLS)
 int main( void )
 {
     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
            "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
            "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "not defined.\n");
+           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or"
+           "MBEDTLS_SSL_PROTO_TLS not defined.\n");
     return( 0 );
 }
 #else
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 38c94be60..166578428 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -223,7 +223,7 @@ int main( void )
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 #define USAGE_DTLS \
-    "    dtls=%%d             default: 0 (TLS)\n"                           \
+    "    dtls=%%d             default: 0 (TLS) (if both enabled)\n" \
     "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
     "                        range of DTLS handshake timeouts in millisecs\n" \
     "    mtu=%%d              default: (library default: unlimited)\n"  \
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index b6f1cc4fd..62b4c4098 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -43,7 +43,8 @@
     !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
     !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
     !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C)
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) || \
+    !defined(MBEDTLS_SSL_PROTO_TLS)
 int main( int argc, char *argv[] )
 {
     ((void) argc);
@@ -53,7 +54,8 @@ int main( int argc, char *argv[] )
            "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
            "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
-           "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+           "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C and/or "
+           "MBEDTLS_SSL_PROTO_TLS not defined.\n");
     return( 0 );
 }
 #elif defined(_WIN32)
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index c73297c2a..55c90c645 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -48,14 +48,14 @@
     !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
     !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
     !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
-    !defined(MBEDTLS_FS_IO)
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_SSL_PROTO_TLS)
 int main( void )
 {
     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
            "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
            "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "not defined.\n");
+           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
+           "MBEDTLS_SSL_PROTO_TLS not defined.\n");
     return( 0 );
 }
 #else
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index b5026959a..b00f47617 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -45,7 +45,7 @@
     !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||            \
     !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||      \
     !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \
-    !defined(MBEDTLS_PEM_PARSE_C)
+    !defined(MBEDTLS_PEM_PARSE_C) || !defined(MBEDTLS_SSL_PROTO_TLS)
 int main( void )
 {
     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
@@ -53,7 +53,8 @@ int main( void )
            "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
            "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD "
-           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+           "and/or MBEDTLS_PEM_PARSE_C and/or "
+           "MBEDTLS_SSL_PROTO_TLS not defined.\n");
     return( 0 );
 }
 #else
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 1852b2bad..05d58fa74 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -44,14 +44,15 @@
     !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
     !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
     !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
-    !defined(MBEDTLS_PEM_PARSE_C)
+    !defined(MBEDTLS_PEM_PARSE_C) || !defined(MBEDTLS_SSL_PROTO_TLS)
 int main( void )
 {
     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
            "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
            "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+           "and/or MBEDTLS_PEM_PARSE_C and/or "
+           "MBEDTLS_SSL_PROTO_TLS not defined.\n");
     return( 0 );
 }
 #else
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index ec18dd91c..6d6293adc 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -329,7 +329,7 @@ int main( void )
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 #define USAGE_DTLS \
-    "    dtls=%%d             default: 0 (TLS)\n"                           \
+    "    dtls=%%d             default: 0 (TLS) (if both enabled)\n" \
     "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
     "                        range of DTLS handshake timeouts in millisecs\n" \
     "    mtu=%%d              default: (library default: unlimited)\n"  \