diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh
index 9d81e59..274256c 100644
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@@ -163,9 +163,6 @@ fi
 # Update ipsec.conf for Libreswan 3.19 and newer
 IKE_NEW="  ike=3des-sha1,3des-sha2,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024"
 PHASE2_NEW="  phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2"
-if [ "$(uname -m | cut -c1-3)" = "arm" ]; then
-  PHASE2_NEW="  phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2"
-fi
 sed -i".old-$(date +%F-%T)" \
     -e "s/^[[:space:]]\+auth=esp\$/  phase2=esp/" \
     -e "s/^[[:space:]]\+forceencaps=yes\$/  encapsulation=yes/" \
diff --git a/vpnsetup.sh b/vpnsetup.sh
index 2b5df53..a30f596 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -81,7 +81,7 @@ def_iface="$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')"
 
 def_iface_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null)
 if [ -n "$def_iface_state" ] && [ "$def_iface_state" != "down" ]; then
-  if [ "$(uname -m | cut -c1-3)" != "arm" ]; then
+  if ! uname -m | grep -qi '^arm'; then
     case "$def_iface" in
       wl*)
         exiterr "Wireless interface '$def_iface' detected. DO NOT run this script on your PC or Mac!"
@@ -274,9 +274,8 @@ conn xauth-psk
   also=shared
 EOF
 
-# Workarounds for systems with ARM CPU (e.g. Raspberry Pi)
-# - Set "left" to private IP instead of "%defaultroute"
-if [ "$(uname -m | cut -c1-3)" = "arm" ]; then
+# Workaround for Raspberry Pi
+if uname -m | grep -qi '^arm'; then
   PRIVATE_IP=$(ip -4 route get 1 | awk '{print $NF;exit}')
   check_ip "$PRIVATE_IP" && sed -i "s/left=%defaultroute/left=$PRIVATE_IP/" /etc/ipsec.conf
 fi