diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 864f5266..feef5511 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -723,6 +723,9 @@ type ProtocolBugs struct {
 // PackHandshakeRecords, if true, causes handshake records to be packed
 // into individual packets, up to the specified packet size.
 PackHandshakeRecords int
+
+ // EnableAllCiphersInDTLS, if true, causes RC4 to be enabled in DTLS.
+ EnableAllCiphersInDTLS bool
 }
 
 func (c *Config) serverInit() {
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 1f9e84ff..0c5df738 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -115,7 +115,7 @@ NextCipherSuite:
 continue
 }
 // Don't advertise non-DTLS cipher suites on DTLS.
- if c.isDTLS && suite.flags&suiteNoDTLS != 0 {
+ if c.isDTLS && suite.flags&suiteNoDTLS != 0 && !c.config.Bugs.EnableAllCiphersInDTLS {
 continue
 }
 hello.cipherSuites = append(hello.cipherSuites, suiteId)
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 6c0d2943..40d8e7db 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1116,6 +1116,19 @@ var testCases = []testCase{
 },
 },
 },
+ {
+ testType: serverTest,
+ protocol: dtls,
+ name: "NoRC4-DTLS",
+ config: Config{
+ CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_RC4_128_SHA},
+ Bugs: ProtocolBugs{
+ EnableAllCiphersInDTLS: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":NO_SHARED_CIPHER:",
+ },
 }
 
 func doExchange(test *testCase, config *Config, conn net.Conn, messageLen int, isResume bool) error {
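Review bot: The doc comment on `EnableAllCiphersInDTLS` is narrower than the behaviour it gates. In handshake_client.go the flag lifts the filter for every suite carrying `suiteNoDTLS`, not only RC4. I would word it as `// EnableAllCiphersInDTLS, if true, causes the client to advertise cipher suites marked suiteNoDTLS (such as RC4) in DTLS.` This diff only touches the client hello path, so whether the runner's server side honours the flag is not visible here; saying "client" keeps test authors from assuming it does.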
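Review bot: The existing comment above the changed condition, "Don't advertise non-DTLS cipher suites on DTLS.", now describes only the default path. Something like `// Don't advertise non-DTLS cipher suites on DTLS, unless a test explicitly asks for them via Bugs.EnableAllCiphersInDTLS.` would keep it accurate. The enclosing `NextCipherSuite` loop starts and ends outside this hunk.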
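Review bot: The `NoRC4-DTLS` case has no comment saying what security property it pins down; a line such as `// RC4 is a stream cipher and must never be negotiated over DTLS, even if the peer offers it.` above the entry would make the intent clear. The case only proves a server-side rejection if the runner really sends the RC4 suite, so it is worth confirming that an empty or filtered offer fails with an error other than `:NO_SHARED_CIPHER:`; otherwise a regression in the runner's filter could make this pass for the wrong reason. The flag also lifts the filter for every `suiteNoDTLS` suite while only one is exercised, so if other suites carry that flag, looping over them would extend coverage cheaply. The `testCases` literal begins outside this hunk.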