diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh
index 27b2db9..a0ff1e3 100644
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@@ -163,7 +163,7 @@ fi
 # Update ipsec.conf for Libreswan 3.19 and newer
 IKE_NEW="  ike=3des-sha1,3des-sha2,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024,aes256-sha2_512"
 PHASE2_NEW="  phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2,aes256-sha2_512"
-if grep -qs raspbian /etc/os-release; then
+if [ "$(uname -m | cut -c1-3)" = "arm" ]; then
   PHASE2_NEW="  phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2"
 fi
 sed -i".old-$(date +%F-%T)" \
diff --git a/vpnsetup.sh b/vpnsetup.sh
index 53a342e..d846c48 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -75,7 +75,7 @@ def_iface="$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')"
 
 def_iface_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null)
 if [ -n "$def_iface_state" ] && [ "$def_iface_state" != "down" ]; then
-  if ! grep -qs raspbian /etc/os-release; then
+  if [ "$(uname -m | cut -c1-3)" != "arm" ]; then
     case "$def_iface" in
       wl*)
         exiterr "Wireless interface '$def_iface' detected. DO NOT run this script on your PC or Mac!"
@@ -268,14 +268,12 @@ conn xauth-psk
   also=shared
 EOF
 
-# Workaround for Raspbian 9
-if grep -qs 'Raspbian GNU/Linux 9' /etc/os-release; then
+# Workarounds for systems with ARM CPU (e.g. Raspberry Pi)
+# - Set "left" to private IP instead of "%defaultroute"
+# - Remove unsupported ESP algorithm
+if [ "$(uname -m | cut -c1-3)" = "arm" ]; then
   PRIVATE_IP=$(ip -4 route get 1 | awk '{print $NF;exit}')
   check_ip "$PRIVATE_IP" && sed -i "s/left=%defaultroute/left=$PRIVATE_IP/" /etc/ipsec.conf
-fi
-
-# Remove unsupported ESP algorithm on Raspbian
-if grep -qs raspbian /etc/os-release; then
   sed -i '/phase2alg/s/,aes256-sha2_512//' /etc/ipsec.conf
 fi