diff --git a/src/internal.c b/src/internal.c index eea01f1d4..7a2690ed8 100644 --- a/src/internal.c +++ b/src/internal.c @@ -9914,7 +9914,7 @@ ProtocolVersion MakeDTLSv1_3(void) word32 LowResTimer(void) { int64_t t; - #if defined(CONFIG_ARCH_POSIX) + #if defined(CONFIG_ARCH_POSIX) && !defined(CONFIG_BOARD_NATIVE_POSIX) k_cpu_idle(); #endif t = k_uptime_get(); /* returns current uptime in milliseconds */ diff --git a/tests/api.c b/tests/api.c index b5e5e1fd1..5b19169a5 100644 --- a/tests/api.c +++ b/tests/api.c 
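Review bot: The narrowed guard around `k_cpu_idle()` in LowResTimer carries no comment saying why the idle call is skipped when CONFIG_BOARD_NATIVE_POSIX is set, so a later reader cannot tell a workaround from a permanent rule. A one-line comment above the `#if`, for example `/* native_posix: skip k_cpu_idle(), <reason> */`, would record the intent. LowResTimer's body continues outside the hunk.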
@@ -1546,24 +1546,24 @@ static int test_wolfSSL_CTX_set_cipher_list_bytes(void) const byte cipherList[] = { - /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x16, - /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x39, - /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x33, - /* TLS_DH_anon_WITH_AES_128_CBC_SHA */ 0xC0, 0x34, - /* TLS_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x35, - /* TLS_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x2F, - /* TLS_RSA_WITH_NULL_MD5 */ 0xC0, 0x01, - /* TLS_RSA_WITH_NULL_SHA */ 0xC0, 0x02, - /* TLS_PSK_WITH_AES_256_CBC_SHA */ 0xC0, 0x8d, - /* TLS_PSK_WITH_AES_128_CBC_SHA256 */ 0xC0, 0xae, - /* TLS_PSK_WITH_AES_256_CBC_SHA384 */ 0xC0, 0xaf, - /* TLS_PSK_WITH_AES_128_CBC_SHA */ 0xC0, 0x8c, - /* TLS_PSK_WITH_NULL_SHA256 */ 0xC0, 0xb0, - /* TLS_PSK_WITH_NULL_SHA384 */ 0xC0, 0xb1, - /* TLS_PSK_WITH_NULL_SHA */ 0xC0, 0x2c, - /* SSL_RSA_WITH_RC4_128_SHA */ 0xC0, 0x05, - /* SSL_RSA_WITH_RC4_128_MD5 */ 0xC0, 0x04, - /* SSL_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x0A, + /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */ 0x00, 0x16, + /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */ 0x00, 0x39, + /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ 0x00, 0x33, + /* TLS_DH_anon_WITH_AES_128_CBC_SHA */ 0x00, 0x34, + /* TLS_RSA_WITH_AES_256_CBC_SHA */ 0x00, 0x35, + /* TLS_RSA_WITH_AES_128_CBC_SHA */ 0x00, 0x2F, + /* TLS_RSA_WITH_NULL_MD5 */ 0x00, 0x01, + /* TLS_RSA_WITH_NULL_SHA */ 0x00, 0x02, + /* TLS_PSK_WITH_AES_256_CBC_SHA */ 0x00, 0x8d, + /* TLS_PSK_WITH_AES_128_CBC_SHA256 */ 0x00, 0xae, + /* TLS_PSK_WITH_AES_256_CBC_SHA384 */ 0x00, 0xaf, + /* TLS_PSK_WITH_AES_128_CBC_SHA */ 0x00, 0x8c, + /* TLS_PSK_WITH_NULL_SHA256 */ 0x00, 0xb0, + /* TLS_PSK_WITH_NULL_SHA384 */ 0x00, 0xb1, + /* TLS_PSK_WITH_NULL_SHA */ 0x00, 0x2c, + /* SSL_RSA_WITH_RC4_128_SHA */ 0x00, 0x05, + /* SSL_RSA_WITH_RC4_128_MD5 */ 0x00, 0x04, + /* SSL_RSA_WITH_3DES_EDE_CBC_SHA */ 0x00, 0x0A, /* ECC suites, first byte is 0xC0 (ECC_BYTE) */ /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x14, 
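Review bot: The corrected entries in `cipherList` now start with 0x00, but only the ECC group that follows has a comment explaining its first byte. A matching line above the first entry, for example `/* non-ECC suites, first byte is 0x00 (CIPHER_BYTE) */`, would make a wrong leading byte like the one fixed here easier to spot in review. The array and the test function continue outside the hunk, so whether the test checks which of these suites end up enabled cannot be seen here.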
diff --git a/wolfcrypt/src/memory.c b/wolfcrypt/src/memory.c index 916e46234..3e8d4ada5 100644 --- a/wolfcrypt/src/memory.c +++ b/wolfcrypt/src/memory.c @@ -1211,6 +1211,9 @@ void wolfSSL_Free(void *ptr, void* heap, int type) #else free(ptr); #endif + #ifdef WOLFSSL_DEBUG_MEMORY + fprintf(stderr, "Free: %p at %s:%d\n", ptr, func, line); + #endif #else WOLFSSL_MSG("Error trying to call free when turned off"); #endif /* WOLFSSL_NO_MALLOC */ diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 32ffb9ea3..4a435ad6b 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -132,6 +132,13 @@ #include #endif +#if defined(WOLFSSL_ZEPHYR) +#if defined(CONFIG_BOARD_NATIVE_POSIX) +#include "native_rtc.h" +#define CONFIG_RTC +#endif +#endif + /* prevent multiple mutex initializations */ static volatile int initRefCount = 0; @@ -3173,6 +3180,21 @@ time_t z_time(time_t * timer) #if defined(CONFIG_RTC) && \ (defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC)) + + #if defined(CONFIG_BOARD_NATIVE_POSIX) + + /* When using native sim, get time from simulator rtc */ + uint32_t nsec = 0; + uint64_t sec = 0; + native_rtc_gettime(RTC_CLOCK_PSEUDOHOSTREALTIME, &nsec, &sec); + + if (timer != NULL) + *timer = sec; + + return sec; + + #else + /* Try to obtain the actual time from an RTC */ static const struct device *rtc = DEVICE_DT_GET(DT_NODELABEL(rtc)); @@ -3191,6 +3213,7 @@ time_t z_time(time_t * timer) return epochTime; } } + #endif /* defined(CONFIG_BOARD_NATIVE_POSIX) */ #endif /* Fallback to uptime since boot. This works for relative times, but diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index cedff0f3f..d1766f695 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h 
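Review bot: The new debug `fprintf` in wolfSSL_Free reads `ptr` after `free(ptr)` has run, and C makes the value of a pointer indeterminate once its object has been released, so the trace line belongs before the release. Moving the three added lines above the `free(ptr)` block gives the same output from a defined read. `func` and `line` are declared outside the hunk; if `line` is unsigned there, `%u` is the matching specifier rather than `%d`. The trace also writes heap addresses to stderr, so WOLFSSL_DEBUG_MEMORY builds should stay out of production images.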
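Review bot: `#define CONFIG_RTC` in wc_port.c hand-sets a symbol in the CONFIG_ namespace that Kconfig normally generates. If the build configuration already defines it, the compiler sees a redefinition, and every later test of CONFIG_RTC in this file sees a state Kconfig did not choose. Wrapping it as `#ifndef CONFIG_RTC` / `#define CONFIG_RTC` / `#endif`, or testing CONFIG_BOARD_NATIVE_POSIX directly where the RTC path is selected, avoids both. The two nested `#if defined(...)` lines can also be a single condition joined with `&&`.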
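Review bot: The native-simulator branch in z_time sits inside the existing `#if defined(CONFIG_RTC) && (defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC))` guard, so it is compiled only when one of those C libraries is selected. If a native_posix build uses a different libc, z_time still falls through to the uptime fallback, and anything that compares against wall-clock time (presumably certificate validity dates) would see time since boot. Confirm that the libc condition holds for that board, or move the new branch outside it. Separately, `sec` is a `uint64_t` stored into and returned as `time_t`; make the conversion explicit with `*timer = (time_t)sec;` and `return (time_t)sec;`, and brace the `if`. z_time starts and ends outside the hunk.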
@@ -2115,6 +2115,7 @@ extern void uITRON4_free(void *p) ; void *z_realloc(void *ptr, size_t size); #define realloc z_realloc + #define max MAX #if !defined(CONFIG_NET_SOCKETS_POSIX_NAMES) && !defined(CONFIG_POSIX_API) #define CONFIG_NET_SOCKETS_POSIX_NAMES diff --git a/zephyr/CMakeLists.txt b/zephyr/CMakeLists.txt index cf64215ca..ed5900aae 100644 --- a/zephyr/CMakeLists.txt +++ b/zephyr/CMakeLists.txt @@ -22,6 +22,7 @@ if(CONFIG_WOLFSSL) zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/zephyr/zephyr_init.c) zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/crl.c) + zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/dtls.c) zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/dtls13.c) zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/internal.c) zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/keys.c) diff --git a/zephyr/Kconfig b/zephyr/Kconfig index 5c6fa73ef..1bf1f25bd 100644 --- a/zephyr/Kconfig +++ b/zephyr/Kconfig @@ -70,6 +70,29 @@ config WOLFCRYPT_FIPS Enables FIPS support in wolfCrypt. Requires the wolfSSL FIPS ready download that includes fips.c/fips_test.c. +config WOLFSSL_DTLS + bool "wolfSSL DTLS support" + help + Enable DTLS support + +config WOLFSSL_ALPN + bool "wolfSSL ALPN support" + help + Enable ALPN support + +config WOLFSSL_PSK + bool "wolfSSL PSK support" + help + Enable PSK support + +config WOLFSSL_MAX_FRAGMENT_LEN + int + default 3 + range 1 6 + help + Sets the maximum fragment length wolfSSL will use, values 1-6 correspond to enum values + WOLFSSL_MFL_* in ssl.h + config WOLFCRYPT_ARMASM bool "wolfCrypt ARM Assembly support" depends on WOLFSSL_BUILTIN diff --git a/zephyr/user_settings.h b/zephyr/user_settings.h index 7876c0baf..68266da5f 100644 --- a/zephyr/user_settings.h +++ b/zephyr/user_settings.h 
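Review bot: `#define max MAX` puts a lowercase, very common identifier into the preprocessor namespace of every file that includes settings.h in this configuration, so any variable, struct member or parameter named `max` in library or application code is rewritten to `MAX`. Guard it at least with `#ifndef max`, and preferably define it only in the source file that needs it. If `MAX` is the usual two-argument macro that evaluates its operands more than once (its definition is not in this hunk), arguments with side effects need care as well. The enclosing platform block starts and ends outside the hunk.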
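Review bot: `WOLFSSL_MAX_FRAGMENT_LEN` is an `int` symbol with a default and no dependency, so it has a value wherever this menu is active. The `#if defined(CONFIG_WOLFSSL_MAX_FRAGMENT_LEN)` test added in zephyr/user_settings.h is then effectively always true and turns on HAVE_MAX_FRAGMENT for every such build. If the extension is meant to be optional, gate it with a `bool` symbol and make the int `depends on` it. The int also has no prompt string, so it cannot be set from a project configuration; `int "Maximum fragment length code"` would expose it. The help texts for DTLS, ALPN and PSK only repeat their prompts and could state what each option pulls in.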
@@ -133,9 +133,32 @@ extern "C" { #define NO_SESSION_CACHE /* disable session resumption */ #endif -/* PSK */ -#define NO_PSK /* disable pre-shared-key support */ +/* DTLS */ +#if defined(CONFIG_WOLFSSL_DTLS) + #define WOLFSSL_DTLS + #define HAVE_SOCKADDR +#endif +/* PSK */ +#if defined(CONFIG_WOLFSSL_PSK) + #undef NO_PSK + #define WOLFSSL_STATIC_PSK +#else + #define NO_PSK /* disable pre-shared-key support */ +#endif + +/* ALPN */ +#if defined(CONFIG_WOLFSSL_ALPN) + #define HAVE_ALPN +#endif + +#if defined(CONFIG_WOLFSSL_MAX_FRAGMENT_LEN) + #define HAVE_MAX_FRAGMENT +#endif + +#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) + #define WOLFSSL_SET_CIPHER_BYTES +#endif /* ------------------------------------------------------------------------- */ /* Algorithms */ @@ -143,6 +166,9 @@ extern "C" { /* RNG */ #ifndef WC_NO_HASHDRBG #define HAVE_HASHDRBG /* Use DRBG SHA2-256 and seed */ + #ifdef CONFIG_CSPRNG_ENABLED + #define WC_RNG_SEED_CB + #endif #endif /* ECC */
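Review bot: Enabling CONFIG_WOLFSSL_PSK also defines `WOLFSSL_STATIC_PSK`, which in wolfSSL enables the static PSK cipher suites, a key exchange without forward secrecy. That is a wider policy change than the "PSK support" label suggests, and it deserves a comment such as `/* also enables static (non-ephemeral) PSK suites */` or a Kconfig switch of its own. The `#undef NO_PSK` has an effect only if NO_PSK was defined earlier, which this hunk does not show. The new MAX_FRAGMENT and SET_CIPHER_BYTES blocks have no heading comment, unlike the DTLS, PSK and ALPN blocks.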
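Review bot: `WC_RNG_SEED_CB` makes the hash DRBG take its seed from a callback registered with `wc_SetSeed_Cb()`, but nothing in this diff shows a callback being registered for the CONFIG_CSPRNG_ENABLED case. Add a comment on the define naming where the callback is installed, for example `/* seed callback must be registered via wc_SetSeed_Cb() before the first RNG init; see <file> */`, so that an application using wolfCrypt on its own knows what it has to call. If the registration already exists outside this change, the comment alone is enough.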