diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst index e3fc9e5b8b1c..95473b25f770 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst @@ -291,6 +291,8 @@ Cellular samples * :ref:`modem_shell_application` sample: + * Added support for using DTLS connection ID. + * Removed the ``CONFIG_MOSH_LINK`` Kconfig option. The link control functionality is now always enabled and cannot be disabled. diff --git a/samples/cellular/modem_shell/src/sock/sock.c b/samples/cellular/modem_shell/src/sock/sock.c index b9edeb3d074d..96014063d88b 100644 --- a/samples/cellular/modem_shell/src/sock/sock.c +++ b/samples/cellular/modem_shell/src/sock/sock.c @@ -18,7 +18,6 @@ #endif #include #include -#include #include #include "sock.h" @@ -354,7 +353,8 @@ static int sock_set_tls_options( uint32_t sec_tag, bool session_cache, int peer_verify, - char *peer_hostname) + char *peer_hostname, + int dtls_cid) { int err; uint32_t sec_tag_list[] = { sec_tag }; 
@@ -409,9 +409,64 @@ static int sock_set_tls_options( return errno; } } + + /* DTLS connection ID */ + if (dtls_cid) { + err = setsockopt(fd, SOL_TLS, TLS_DTLS_CID, &dtls_cid, + sizeof(dtls_cid)); + if (err) { + mosh_error("Unable to set DTLS connection ID, errno %d", errno); + return errno; + } + } + return 0; } +static void sock_print_dtls_status(int fd, bool session_cache, int dtls_cid) +{ + int err; + int status; + int len = sizeof(status); + char status_str[64]; + + if (session_cache) { + err = getsockopt(fd, SOL_TLS, TLS_DTLS_HANDSHAKE_STATUS, &status, &len); + if (err == 0) { + if (status == TLS_DTLS_HANDSHAKE_STATUS_FULL) { + sprintf(status_str, "Full"); + } else if (status == TLS_DTLS_HANDSHAKE_STATUS_CACHED) { + sprintf(status_str, "Cached"); + } else { + sprintf(status_str, "Unknown (%d)", status); + } + mosh_print("Handshake status: %s", status_str); + } else { + mosh_error("Unable to get DTLS handshake status, errno %d", errno); + } + } + + if (dtls_cid) { + err = getsockopt(fd, SOL_TLS, TLS_DTLS_CID_STATUS, &status, &len); + if (err == 0) { + if (status == TLS_DTLS_CID_STATUS_DISABLED) { + sprintf(status_str, "Disabled"); + } else if (status == TLS_DTLS_CID_STATUS_DOWNLINK) { + sprintf(status_str, "Downlink"); + } else if (status == TLS_DTLS_CID_STATUS_UPLINK) { + sprintf(status_str, "Uplink"); + } else if (status == TLS_DTLS_CID_STATUS_BIDIRECTIONAL) { + sprintf(status_str, "Bidirectional"); + } else { + sprintf(status_str, "Unknown (%d)", status); + } + mosh_print("Connection ID status: %s", status_str); + } else { + mosh_error("Unable to get DTLS connection ID status, errno %d", errno); + } + } +} + static int sock_bind( int fd, int family, @@ -529,7 +584,8 @@ int sock_open_and_connect( bool session_cache, bool keep_open, int peer_verify, - char *peer_hostname) + char *peer_hostname, + int dtls_cid) { int err = -EINVAL; int proto = 0; 
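Review bot: In `sock_print_dtls_status`, `len` is declared as `int` and passed as `&len` to `getsockopt`, which takes a `socklen_t *` and treats it as a value-result argument, so the pointer type does not match and the second call reuses whatever length the first call wrote back. Declaring it as `socklen_t len = sizeof(status);` and assigning `len = sizeof(status);` again before the `TLS_DTLS_CID_STATUS` query keeps both calls well-defined. The `sprintf` calls into `status_str[64]` fit today, but `snprintf(status_str, sizeof(status_str), "Unknown (%d)", status)` would keep the bound explicit if the strings ever grow. A short comment above the function would also help, since it is `void` and only prints, e.g. `/* Print DTLS handshake and connection ID status; informational only. */`.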
@@ -632,7 +688,8 @@ int sock_open_and_connect( /* Set (D)TLS options */ if (secure) { - err = sock_set_tls_options(fd, sec_tag, session_cache, peer_verify, peer_hostname); + err = sock_set_tls_options(fd, sec_tag, session_cache, peer_verify, peer_hostname, + dtls_cid); if (err) { goto connect_error; } @@ -653,6 +710,10 @@ int sock_open_and_connect( } } + if (secure && type == SOCK_DGRAM) { + sock_print_dtls_status(fd, session_cache, dtls_cid); + } + /* Set socket to non-blocking mode to make sure receiving * is not blocking polling of all sockets */ diff --git a/samples/cellular/modem_shell/src/sock/sock.h b/samples/cellular/modem_shell/src/sock/sock.h index e1d9332a65d0..1e4439094ada 100644 --- a/samples/cellular/modem_shell/src/sock/sock.h +++ b/samples/cellular/modem_shell/src/sock/sock.h @@ -26,7 +26,7 @@ int sock_open_and_connect( int family, int type, char *address, int port, int bind_port, int pdn_cid, bool secure, uint32_t sec_tag, bool session_cache, bool keep_open, int peer_verify, - char *peer_hostname); + char *peer_hostname, int dtls_cid); int sock_send_data( int socket_id, char *data, int data_length, int interval, bool packet_number_prefix, diff --git a/samples/cellular/modem_shell/src/sock/sock_shell.c b/samples/cellular/modem_shell/src/sock/sock_shell.c index 15916f22a8c2..7e914d7769db 100644 --- a/samples/cellular/modem_shell/src/sock/sock_shell.c +++ b/samples/cellular/modem_shell/src/sock/sock_shell.c @@ -39,6 +39,7 @@ static const char sock_connect_usage_str[] = "Usage: sock connect -a
-p \n" " [-f ] [-t ] [-b ] [-I ] [-K]\n" " [-S] [-T ] [-c] [-V ] [-H ]\n" + " [-C ]\n" "Options:\n" " -a, --address, [str] Address as ip address or hostname\n" " -p, --port, [int] Port\n" @@ -56,6 +57,8 @@ static const char sock_connect_usage_str[] = " -V, --peer_verify, [int] TLS peer verification level. None (0),\n" " optional (1) or required (2). Default value is 2.\n" " -H, --hostname, [str] Hostname for TLS peer verification.\n" + " -C, --dtls_cid, [int] Enable DTLS connection ID. Disabled (0),\n" + " supported (1) or enabled (2). Default value is 0.\n" " -h, --help, Shows this help information"; static const char sock_close_usage_str[] = @@ -197,6 +200,7 @@ static struct option long_options[] = { { "wait_ack", no_argument, 0, 'W' }, { "keep_open", no_argument, 0, 'K' }, { "print_format", required_argument, 0, 'P' }, + { "dtls_cid", required_argument, 0, 'C' }, { "packet_number_prefix", no_argument, 0, SOCK_SHELL_OPT_PACKET_NUMBER_PREFIX }, { "rai_last", no_argument, 0, SOCK_SHELL_OPT_RAI_LAST }, { "rai_no_data", no_argument, 0, SOCK_SHELL_OPT_RAI_NO_DATA }, @@ -207,7 +211,7 @@ static struct option long_options[] = { { 0, 0, 0, 0 } }; -static const char short_options[] = "i:I:a:p:f:t:b:ST:cV:H:d:l:e:s:xrB:WKP:h"; +static const char short_options[] = "i:I:a:p:f:t:b:ST:cV:H:d:l:e:s:xrB:WKP:C:h"; static void sock_print_usage(enum sock_shell_command command) { @@ -352,6 +356,7 @@ static int cmd_sock_connect(const struct shell *shell, size_t argc, char **argv) bool arg_keep_open = false; int arg_peer_verify = 2; char arg_peer_hostname[SOCK_MAX_ADDR_LEN + 1]; + int arg_dtls_cid = TLS_DTLS_CID_DISABLED; memset(arg_address, 0, SOCK_MAX_ADDR_LEN + 1); memset(arg_peer_hostname, 0, SOCK_MAX_ADDR_LEN + 1); 
@@ -470,6 +475,15 @@ static int cmd_sock_connect(const struct shell *shell, size_t argc, char **argv) } strcpy(arg_peer_hostname, optarg); break; + case 'C': /* DTLS connection ID */ + arg_dtls_cid = atoi(optarg); + if (arg_dtls_cid < 0 || arg_dtls_cid > 2) { + mosh_error( + "Valid values for connection ID (%d) are 0, 1 and 2.", + arg_dtls_cid); + return -EINVAL; + } + break; case 'h': goto show_usage; @@ -497,7 +511,8 @@ static int cmd_sock_connect(const struct shell *shell, size_t argc, char **argv) arg_session_cache, arg_keep_open, arg_peer_verify, - arg_peer_hostname); + arg_peer_hostname, + arg_dtls_cid); return err;
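Review bot: `atoi(optarg)` in the new `case 'C'` returns 0 for non-numeric input, so an argument such as `-C foo` passes the range check and silently selects the disabled setting instead of being rejected. Parsing with `strtol(optarg, &end, 10)` and treating `end == optarg || *end != '\0'` as invalid would route that input into the existing `-EINVAL` path. The case also accepts a non-zero value regardless of the other options, while `sock_open_and_connect` only forwards `dtls_cid` to `sock_set_tls_options` when `secure` is set, so `-C` without `-S` appears to be ignored without any message. A check after option parsing that reports this would make the effective security settings visible to the user. `cmd_sock_connect` starts and ends outside this hunk.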