diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index afaa1f0..8ebce4f 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -1336,6 +1336,36 @@ error:
 return -1;
 }
+static int dtls_set_mtu(struct dtls_details *dtls, const struct ast_rtp_dtls_cfg *dtls_cfg)
+{
+ long socket_mtu;
+
+ /* BUGBUG hardcoded DTLS-SRTP socket MTU being set */
+ socket_mtu = 1280;
+ if (socket_mtu) {
+ if (socket_mtu < DTLS_get_link_min_mtu(dtls->ssl)) {
+ ast_log(LOG_ERROR, "DTLS-SRTP MTU too small. Must be at least %ld\n",
+ DTLS_get_link_min_mtu(dtls->ssl));
+ goto error;
+ }
+ SSL_set_options(dtls->ssl, SSL_OP_NO_QUERY_MTU);
+ if (!DTLS_set_link_mtu(dtls->ssl, socket_mtu)) {
+ ast_log(LOG_ERROR, "Failed to set DTLS-SRTP MTU\n");
+ goto error;
+ }
+ }
+ return 0;
+
+error:
+ SSL_free(dtls->ssl);
+ dtls->ssl = NULL;
+ dtls->read_bio = NULL;
+ dtls->write_bio = NULL;
+ ast_mutex_destroy(&dtls->lock);
+
+ return -1;
+}
+
 static int dtls_setup_rtcp(struct ast_rtp_instance *instance)
 {
 struct ast_rtp *rtp = ast_rtp_instance_get_data(instance);
@@ -1455,12 +1485,6 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 return -1;
 }
- if (!(certbio = BIO_new(BIO_s_file()))) {
- ast_log(LOG_ERROR, "Failed to allocate memory for certificate fingerprinting on RTP instance '%p'\n",
- instance);
- return -1;
- }
-
 if (rtp->local_hash == AST_RTP_DTLS_HASH_SHA1) {
 type = EVP_sha1();
 } else if (rtp->local_hash == AST_RTP_DTLS_HASH_SHA256) {
@@ -1471,6 +1495,12 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 return -1;
 }
+ if (!(certbio = BIO_new(BIO_s_file()))) {
+ ast_log(LOG_ERROR, "Failed to allocate memory for certificate fingerprinting on RTP instance '%p'\n",
+ instance);
+ return -1;
+ }
+
 if (!BIO_read_filename(certbio, dtls_cfg->certfile) ||
 !(cert = PEM_read_bio_X509(certbio, NULL, 0, NULL)) ||
 !X509_digest(cert, type, fingerprint, &size) ||
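Review bot: dtls_set_mtu never reads its dtls_cfg parameter and hard-codes `socket_mtu = 1280` (the BUGBUG comment above it admits as much), so the `if (socket_mtu)` guard is dead code and an operator has no way to lower the DTLS fragment size for a path with a smaller effective MTU or to leave OpenSSL's own MTU query enabled. Either source the value from a field on dtls_cfg (one would need to be added; the struct is not visible in this diff) with 0 meaning "do not override", or drop the parameter until it is used so the build does not carry an unused-parameter warning. The error label repeats the SSL/BIO/mutex teardown that dtls_details_initialize presumably performs on its own failure path (inferred from how the caller in the last hunk chains the two results; its body is outside this diff), and a single static teardown helper would keep the two paths from drifting apart. Minor: call `DTLS_get_link_min_mtu(dtls->ssl)` once, e.g. `long min_mtu = DTLS_get_link_min_mtu(dtls->ssl);`, instead of in both the comparison and the log message.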
@@ -1516,6 +1546,9 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 res = dtls_details_initialize(&rtp->dtls, rtp->ssl_ctx, dtls_cfg->default_setup);
 if (!res) {
+ res = dtls_set_mtu(&rtp->dtls, dtls_cfg);
+ }
+ if (!res) {
 dtls_setup_rtcp(instance);
 }