diff --git a/chrony.texi.in b/chrony.texi.in
index eb93c3b..43bde88 100644
--- a/chrony.texi.in
+++ b/chrony.texi.in
@@ -1199,7 +1199,8 @@ By default, @code{chronyd} uses a separate client socket for each configured
 server and their source port is chosen arbitrarily by the operating system.
 However, you can use the @code{acquisitionport} directive to explicitly specify
 a port and use only one socket (per IPv4/IPv6 address family) for all
-configured servers.  This may be useful for getting through firewalls.
+configured servers.  This may be useful for getting through firewalls.  If set
+to 0, the source port of the socket will be chosen arbitrarily.
 
 It may be set to the same port as used by the NTP server (@pxref{port
 directive}) to use only one socket for all NTP packets.
diff --git a/conf.c b/conf.c
index ee6895d..46a765d 100644
--- a/conf.c
+++ b/conf.c
@@ -79,7 +79,7 @@ static void parse_tempcomp(char *);
 static int restarted = 0;
 static int generate_command_key = 0;
 static char *rtc_device = "/dev/rtc";
-static int acquisition_port = 0; /* 0 means let kernel choose port */
+static int acquisition_port = -1;
 static int ntp_port = 123;
 static char *keys_file = NULL;
 static char *drift_file = NULL;
diff --git a/ntp_io.c b/ntp_io.c
index a0a670e..0100a90 100644
--- a/ntp_io.c
+++ b/ntp_io.c
@@ -328,8 +328,10 @@ NIO_Initialise(int family)
   server_port = CNF_GetNTPPort();
   client_port = CNF_GetAcquisitionPort();
 
-  /* Use separate connected sockets if client port is not set */
-  separate_client_sockets = client_port == 0;
+  /* Use separate connected sockets if client port is negative */
+  separate_client_sockets = client_port < 0;
+  if (client_port < 0)
+    client_port = 0;
 
   server_sock_fd4 = INVALID_SOCK_FD;
   client_sock_fd4 = INVALID_SOCK_FD;