diff --git a/modules/mbedtls/Kconfig.tls-generic b/modules/mbedtls/Kconfig.tls-generic
index 680cb24d018..3c0e17c0fe3 100644
--- a/modules/mbedtls/Kconfig.tls-generic
+++ b/modules/mbedtls/Kconfig.tls-generic
@@ -473,4 +473,12 @@ config MBEDTLS_LMS
 	depends on MBEDTLS_PSA_CRYPTO_C
 	depends on MBEDTLS_HASH_SHA256_ENABLED
 
+config MBEDTLS_SSL_DTLS_CONNECTION_ID
+	bool "DTLS Connection ID extension"
+	depends on MBEDTLS_DTLS
+	help
+	  Enable support for the DTLS Connection ID extension
+	  which allows to identify DTLS connections across changes
+	  in the underlying transport.
+
 endmenu
diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h
index 9d8ab757843..2268571abe0 100644
--- a/modules/mbedtls/configs/config-tls-generic.h
+++ b/modules/mbedtls/configs/config-tls-generic.h
@@ -475,6 +475,10 @@
 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
 #endif
 
+#if defined(CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define MBEDTLS_SSL_DTLS_CONNECTION_ID
+#endif
+
 /* User config file */
 
 #if defined(CONFIG_MBEDTLS_USER_CONFIG_FILE)