diff --git a/components/lwip/Kconfig b/components/lwip/Kconfig
index ccf84731b..bb6aa939d 100644
--- a/components/lwip/Kconfig
+++ b/components/lwip/Kconfig
@@ -37,6 +37,14 @@ config LWIP_MAX_SOCKETS
         the maximum amount of sockets here. The valid value is from 1
         to 16.
 
+config LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS
+    bool "Randomize the local port for the first"
+    default y
+    help
+        LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS==1: randomize the local port for the first
+        local TCP/UDP pcb (default==0). This can prevent creating predictable port
+        numbers after booting a device.
+
 config USE_ONLY_LWIP_SELECT
     bool "Support LWIP socket select() only"
     default n
diff --git a/components/lwip/port/esp32/include/lwipopts.h b/components/lwip/port/esp32/include/lwipopts.h
index 13a3632d4..f9ee9806c 100644
--- a/components/lwip/port/esp32/include/lwipopts.h
+++ b/components/lwip/port/esp32/include/lwipopts.h
@@ -525,6 +525,13 @@
  */
 #define LWIP_SO_SNDTIMEO                1
 
+/**
+ * LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS==1: randomize the local port for the first
+ * local TCP/UDP pcb (default==0). This can prevent creating predictable port
+ * numbers after booting a device.
+ */
+#define LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS   CONFIG_LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS
+
 /**
  * LWIP_SO_RCVTIMEO==1: Enable receive timeout for sockets/netconns and
  * SO_RCVTIMEO processing.
@@ -754,7 +761,6 @@
 #define ESP_DNS                         1
 #define ESP_IPV6_AUTOCONFIG             1
 #define ESP_PERF                        0
-#define ESP_RANDOM_TCP_PORT             1
 #define ESP_IP4_ATON                    1
 #define ESP_LIGHT_SLEEP                 1
 #define ESP_L2_TO_L3_COPY               CONFIG_L2_TO_L3_COPY