diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h index 4ecb7c1b856..341d0190063 100644 --- a/src/include/ndpi_private.h +++ b/src/include/ndpi_private.h @@ -648,7 +648,8 @@ const uint8_t *get_crypto_data(struct ndpi_detection_module_struct *ndpi_struct, /* RTP */ int is_valid_rtp_payload_type(uint8_t type); -int is_rtp_or_rtcp(struct ndpi_detection_module_struct *ndpi_struct, u_int16_t *seq); +int is_rtp_or_rtcp(struct ndpi_detection_module_struct *ndpi_struct, + const u_int8_t *payload, u_int16_t payload_len, u_int16_t *seq); u_int8_t rtp_get_stream_type(u_int8_t payloadType, ndpi_multimedia_flow_type *s_type); /* Bittorrent */ diff --git a/src/lib/protocols/line.c b/src/lib/protocols/line.c index da28e613b18..933693ed974 100644 --- a/src/lib/protocols/line.c +++ b/src/lib/protocols/line.c @@ -83,7 +83,7 @@ static void ndpi_search_line(struct ndpi_detection_module_struct *ndpi_struct, /* It might be a RTP/RTCP packet. Ignore it and keep looking for the LINE packet numbers */ /* Basic RTP detection */ - rc = is_rtp_or_rtcp(ndpi_struct, NULL); + rc = is_rtp_or_rtcp(ndpi_struct, packet->payload, packet->payload_packet_len, NULL); if(rc == IS_RTCP || rc == IS_RTP) { if(flow->packet_counter < 10) { NDPI_LOG_DBG(ndpi_struct, "Probably RTP; keep looking for LINE\n"); diff --git a/src/lib/protocols/rtp.c b/src/lib/protocols/rtp.c index b543e8b99cf..d8c09be3aaa 100644 --- a/src/lib/protocols/rtp.c +++ b/src/lib/protocols/rtp.c 
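Review bot: The new `is_rtp_or_rtcp()` prototype in ndpi_private.h has no comment stating its contract, although this commit moves two obligations onto callers: skipping the 2-byte length field on TCP, and passing a `payload_len` that matches the bytes actually readable at `payload`. A comment above the declaration would make that explicit, for example `/* payload points at the first RTP/RTCP byte (caller skips any TCP length field); payload_len is the number of readable bytes from there; seq may be NULL */`. The call sites changed in line.c and stun.c pass `packet->payload` and `packet->payload_packet_len` unshifted, so on TCP flows they no longer get the skip the old function applied. If that is intended, the same comment is the place to say so.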
@@ -83,23 +83,16 @@ static int is_valid_rtcp_payload_type(uint8_t type) { return (type >= 192 && type <= 213); } -int is_rtp_or_rtcp(struct ndpi_detection_module_struct *ndpi_struct, u_int16_t *seq) +int is_rtp_or_rtcp(struct ndpi_detection_module_struct *ndpi_struct, + const u_int8_t *payload, u_int16_t payload_len, u_int16_t *seq) { - struct ndpi_packet_struct *packet = &ndpi_struct->packet; u_int8_t csrc_count, ext_header; u_int16_t ext_len; u_int32_t min_len; - const u_int8_t *payload = packet->payload; - u_int16_t payload_len = packet->payload_packet_len; if(payload_len < 2) return NO_RTP_RTCP; - if(packet->tcp != NULL) { - payload_len -= 2; - payload += 2; /* Skip the length field */ - } - if((payload[0] & 0xC0) != 0x80) { /* Version 2 */ NDPI_LOG_DBG(ndpi_struct, "Not version 2\n"); return NO_RTP_RTCP; @@ -149,10 +142,12 @@ static void ndpi_rtp_search(struct ndpi_detection_module_struct *ndpi_struct, u_int8_t is_rtp; struct ndpi_packet_struct *packet = &ndpi_struct->packet; const u_int8_t *payload = packet->payload; + u_int16_t payload_len = packet->payload_packet_len; u_int16_t seq; if(packet->tcp != NULL) { payload += 2; /* Skip the length field */ + payload_len -= 2; } NDPI_LOG_DBG(ndpi_struct, "search RTP (stage %d/%d)\n", flow->rtp_stage, flow->rtcp_stage); @@ -169,7 +164,7 @@ static void ndpi_rtp_search(struct ndpi_detection_module_struct *ndpi_struct, return; } - is_rtp = is_rtp_or_rtcp(ndpi_struct, &seq); + is_rtp = is_rtp_or_rtcp(ndpi_struct, payload, payload_len, &seq); if(is_rtp == IS_RTP) { if(flow->rtp_stage == 2) { diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index aca6540fcb0..877379abcbb 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c 
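Review bot: In the second rtp.c hunk, `ndpi_rtp_search()` now runs `payload_len -= 2` on TCP with no length check visible before it, so a segment carrying fewer than two payload bytes wraps the `u_int16_t` to 65534 or 65535 and leaves `payload` pointing past the data. The `if(payload_len < 2)` guard kept in `is_rtp_or_rtcp()` (first hunk) then passes and `payload[0]` is read out of bounds; before this change that guard ran ahead of the subtraction. Unless lines of `ndpi_rtp_search()` outside the hunk already reject short packets, condition the skip on the length: `if(packet->tcp != NULL && payload_len >= 2) {`. Shorter payloads then reach the callee unshifted and are rejected by its existing check. The function body starts and continues outside the hunk.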
@@ -796,7 +796,7 @@ static int stun_search_again(struct ndpi_detection_module_struct *ndpi_struct, NDPI_LOG_DBG(ndpi_struct, "QUIC range. Unexpected\n"); } else if(first_byte <= 191) { - rtp_rtcp = is_rtp_or_rtcp(ndpi_struct, NULL); + rtp_rtcp = is_rtp_or_rtcp(ndpi_struct, packet->payload, packet->payload_packet_len, NULL); if(rtp_rtcp == IS_RTP) { NDPI_LOG_DBG(ndpi_struct, "RTP (dir %d)\n", packet->packet_direction); NDPI_LOG_INFO(ndpi_struct, "Found RTP over STUN\n"); diff --git a/tests/cfgs/default/pcap/stun_dtls_rtp.pcapng b/tests/cfgs/default/pcap/stun_dtls_rtp.pcapng index 9d51e7ca70c..2d1308ec7d7 100644 Binary files a/tests/cfgs/default/pcap/stun_dtls_rtp.pcapng and b/tests/cfgs/default/pcap/stun_dtls_rtp.pcapng differ diff --git a/tests/cfgs/default/result/stun_dtls_rtp.pcapng.out b/tests/cfgs/default/result/stun_dtls_rtp.pcapng.out index d396ffb3764..2e451851988 100644 --- a/tests/cfgs/default/result/stun_dtls_rtp.pcapng.out +++ b/tests/cfgs/default/result/stun_dtls_rtp.pcapng.out @@ -1,9 +1,10 @@ +DPI Packets (TCP): 11 (11.00 pkts/flow) DPI Packets (UDP): 17 (17.00 pkts/flow) -Confidence DPI : 1 (flows) -Num dissector calls: 6 (6.00 diss/flow) +Confidence DPI : 2 (flows) +Num dissector calls: 13 (6.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) -LRU cache stun: 4/0/0 (insert/search/found) +LRU cache stun: 7/0/0 (insert/search/found) LRU cache tls_cert: 0/1/0 (insert/search/found) LRU cache mining: 0/0/0 (insert/search/found) LRU cache msteams: 0/0/0 (insert/search/found) 
@@ -17,16 +18,17 @@ Patricia risk mask: 2/0 (search/found) Patricia risk mask IPv6: 0/0 (search/found) Patricia risk: 0/0 (search/found) Patricia risk IPv6: 0/0 (search/found) -Patricia protocols: 1/1 (search/found) +Patricia protocols: 2/2 (search/found) Patricia protocols IPv6: 0/0 (search/found) -GoogleCall 39 8413 1 +GoogleCall 102 26347 2 -Acceptable 39 8413 1 +Acceptable 102 26347 2 JA3 Host Stats: IP Address # JA3C 1 192.168.12.156 1 - 1 UDP 192.168.12.156:37967 <-> 142.250.82.76:19305 [proto: 30.404/DTLS.GoogleCall][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 17][cat: VoIP/10][25 pkts/4202 bytes <-> 14 pkts/4211 bytes][Goodput ratio: 75/86][0.88 sec][bytes ratio: -0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/35 203/107 47/36][Pkt Len c2s/s2c min/avg/max/stddev: 103/82 168/301 587/1245 125/320][Mapped IP/Port: 93.35.171.3:61536][DTLSv1.2][JA3C: c14667d7da3e6f7a7ab5519ef78c2452][JA4: dd2d110700_c45550529adf_d9dd6182da81][JA3S: 1f5d6a6d0bc5d514dd84d13e6283d309][Issuer: CN=hangouts][Subject: CN=hangouts][Certificate SHA-1: AF:DD:BF:F5:59:23:0C:D1:B0:9F:B1:04:2E:89:DF:4C:1B:AB:BE:CC][Validity: 2022-11-30 17:35:18 - 2023-12-01 17:35:18][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (ShSURJhNF)][Plen Bins: 0,5,47,30,2,0,0,0,0,0,0,0,0,2,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.12.182:50221 <-> 142.250.82.249:3478 [proto: 78.404/STUN.GoogleCall][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 11][cat: VoIP/10][28 pkts/3492 bytes <-> 35 pkts/14442 bytes][Goodput ratio: 56/87][0.89 sec][Hostname/SNI: turn.l.google.com][bytes ratio: -0.611 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/13 55/55 17/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 125/413 250/1162 71/442][Mapped IP/Port: 93.35.170.27:64994][Peer IP/Port: 10.13.0.50:1259][Relayed IP/Port: 10.13.0.62:15530][PLAIN TEXT (Lvsrdelc)][Plen Bins: 
2,2,12,15,21,10,2,0,0,0,5,0,0,0,0,0,0,0,2,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 UDP 192.168.12.156:37967 <-> 142.250.82.76:19305 [proto: 30.404/DTLS.GoogleCall][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 17][cat: VoIP/10][25 pkts/4202 bytes <-> 14 pkts/4211 bytes][Goodput ratio: 75/86][0.88 sec][bytes ratio: -0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/35 203/107 47/36][Pkt Len c2s/s2c min/avg/max/stddev: 103/82 168/301 587/1245 125/320][Mapped IP/Port: 93.35.171.3:61536][DTLSv1.2][JA3C: c14667d7da3e6f7a7ab5519ef78c2452][JA4: dd2d110700_c45550529adf_d9dd6182da81][JA3S: 1f5d6a6d0bc5d514dd84d13e6283d309][Issuer: CN=hangouts][Subject: CN=hangouts][Certificate SHA-1: AF:DD:BF:F5:59:23:0C:D1:B0:9F:B1:04:2E:89:DF:4C:1B:AB:BE:CC][Validity: 2022-11-30 17:35:18 - 2023-12-01 17:35:18][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (ShSURJhNF)][Plen Bins: 0,5,47,30,2,0,0,0,0,0,0,0,0,2,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/stun_extra_dissection/config.txt b/tests/cfgs/stun_extra_dissection/config.txt index 8f6faf08580..87f4665436d 100644 --- a/tests/cfgs/stun_extra_dissection/config.txt +++ b/tests/cfgs/stun_extra_dissection/config.txt @@ -1 +1 @@ ---cfg=stun,max_packets_extra_dissection,255 +--cfg=stun,max_packets_extra_dissection,255 -U 0 -T 0 --cfg=packets_limit_per_flow,255 diff --git a/tests/cfgs/stun_extra_dissection/pcap/stun_dtls_rtp.pcapng b/tests/cfgs/stun_extra_dissection/pcap/stun_dtls_rtp.pcapng new file mode 120000 index 00000000000..d30bde120b2 --- /dev/null +++ b/tests/cfgs/stun_extra_dissection/pcap/stun_dtls_rtp.pcapng @@ -0,0 +1 @@ +../../default/pcap/stun_dtls_rtp.pcapng \ No newline at end of file diff --git a/tests/cfgs/stun_extra_dissection/result/stun_dtls_rtp.pcapng.out b/tests/cfgs/stun_extra_dissection/result/stun_dtls_rtp.pcapng.out new file mode 100644 index 00000000000..afe07e3c2a1 --- /dev/null 
+++ b/tests/cfgs/stun_extra_dissection/result/stun_dtls_rtp.pcapng.out 
@@ -0,0 +1,34 @@ +DPI Packets (TCP): 63 (63.00 pkts/flow) +DPI Packets (UDP): 39 (39.00 pkts/flow) +Confidence DPI : 2 (flows) +Num dissector calls: 13 (6.50 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache stun: 42/0/0 (insert/search/found) +LRU cache tls_cert: 0/1/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 0/0 (search/found) +Automa domain: 0/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 2/2 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +GoogleCall 102 26347 2 + +Acceptable 102 26347 2 + +JA3 Host Stats: + IP Address # JA3C + 1 192.168.12.156 1 + + + 1 TCP 192.168.12.182:50221 <-> 142.250.82.249:3478 [proto: 338.404/SRTP.GoogleCall][IP: 126/Google][Stream Content: Audio][Encrypted][Confidence: DPI][DPI packets: 63][cat: VoIP/10][28 pkts/3492 bytes <-> 35 pkts/14442 bytes][Goodput ratio: 56/87][0.89 sec][Hostname/SNI: turn.l.google.com][bytes ratio: -0.611 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/13 55/55 17/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 125/413 250/1162 71/442][Mapped IP/Port: 10.13.0.62:15530][Peer IP/Port: 10.13.0.50:1259][Relayed IP/Port: 10.13.0.62:15530][PLAIN TEXT (Lvsrdelc)][Plen Bins: 2,2,12,15,21,10,2,0,0,0,5,0,0,0,0,0,0,0,2,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 UDP 192.168.12.156:37967 <-> 142.250.82.76:19305 [proto: 30.404/DTLS.GoogleCall][IP: 126/Google][Stream Content: Audio][Encrypted][Confidence: DPI][DPI packets: 39][cat: VoIP/10][25 pkts/4202 bytes <-> 14 pkts/4211 bytes][Goodput ratio: 75/86][0.88 sec][bytes 
ratio: -0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/35 203/107 47/36][Pkt Len c2s/s2c min/avg/max/stddev: 103/82 168/301 587/1245 125/320][Mapped IP/Port: 93.35.171.3:61536][DTLSv1.2][JA3C: c14667d7da3e6f7a7ab5519ef78c2452][JA4: dd2d110700_c45550529adf_d9dd6182da81][JA3S: 1f5d6a6d0bc5d514dd84d13e6283d309][Issuer: CN=hangouts][Subject: CN=hangouts][Certificate SHA-1: AF:DD:BF:F5:59:23:0C:D1:B0:9F:B1:04:2E:89:DF:4C:1B:AB:BE:CC][Validity: 2022-11-30 17:35:18 - 2023-12-01 17:35:18][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (ShSURJhNF)][Plen Bins: 0,5,47,30,2,0,0,0,0,0,0,0,0,2,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0]