diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamConformanceTests.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamConformanceTests.cs
index 1bad10007f8024555d25bcb7cd37fe30c690fea9..eb8b302d4fdf0e3908da0f1daf039b93c812fb91 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamConformanceTests.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamConformanceTests.cs
@@ -30,6 +30,20 @@ protected override async Task<StreamPair> CreateWrappedConnectedStreamsAsync(Str
                 ssl2.AuthenticateAsServerAsync(cert, false, GetSslProtocols(), false)
             }.WhenAllOrAnyFailed().ConfigureAwait(false);
 
+            if (GetSslProtocols() == SslProtocols.Tls13)
+            {
+                // TLS 1.3 can generate some extra messages and we may get reset if test sends unidirectional traffic
+                // and extra packet stays in socket buffer.
+
+                // This ping-ping should flush leftovers from the handshake.
+                // We use sync method to preserve socket in default blocking state
+                // (as we don't go back once Async is used at least once)
+                ssl1.Write(new byte[1]);
+                ssl2.Write(new byte[1]);
+                Assert.Equal(1, ssl2.Read(new byte[1]));
+                Assert.Equal(1, ssl1.Read(new byte[1]));
+            }
+
             return new StreamPair(ssl1, ssl2);
         }
     }