diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0f4fd6c95..12a8ff5dc 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -975,9 +975,14 @@ static int ssl_parse_hello_verify_request( ssl_context *ssl )
     ssl_read_version( &major_ver, &minor_ver, ssl->transport, p );
     p += 2;
 
-    if( major_ver != SSL_MAJOR_VERSION_3 ||
+    /*
+     * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
+     * even is lower than our min version.
+     */
+    if( major_ver < SSL_MAJOR_VERSION_3 ||
         minor_ver < SSL_MINOR_VERSION_2 ||
-        minor_ver > SSL_MINOR_VERSION_3 )
+        major_ver > ssl->max_major_ver  ||
+        minor_ver > ssl->max_minor_ver  )
     {
         SSL_DEBUG_MSG( 1, ( "bad server version" ) );
 
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index a66fcb3ed..fbdf984e1 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1981,8 +1981,9 @@ static int ssl_write_hello_verify_request( ssl_context *ssl )
      * } HelloVerifyRequest;
      */
 
-    /* For now, use fixed version = DTLS 1.0 */
-    ssl_write_version( SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
+    /* The RFC is not clear on this point, but sending the actual negotiated
+     * version looks like the most interoperable thing to do. */
+    ssl_write_version( ssl->major_ver, ssl->minor_ver,
                        ssl->transport, p );
     SSL_DEBUG_BUF( 3, "server version", (unsigned char *) p, 2 );
     p += 2;