diff --git a/roles/vpn/defaults/main.yml b/roles/vpn/defaults/main.yml
index bc0b9a6e..db312818 100644
--- a/roles/vpn/defaults/main.yml
+++ b/roles/vpn/defaults/main.yml
@@ -24,6 +24,6 @@ ciphers:
   defaults:
     ike: aes128gcm16-sha2_512-prfsha512-ecp256!
     esp: aes128gcm16-sha2_512-ecp256!
-  windows:
-    ike: aes128gcm16-sha2_512-prfsha512-ecp256,aes128-sha2_256-prfsha256-modp2048!
-    esp: aes128gcm16-sha2_512-ecp256,aes128-sha2_256-modp2048!
+  compat:
+    ike: aes128-sha2_512-prfsha512-ecp256,aes128gcm16-sha2_512-prfsha512-ecp256,aes128-sha2_256-prfsha256-modp2048!
+    esp: aes128-sha2_512-ecp256,aes128gcm16-sha2_512-ecp256,aes128-sha2_256-modp2048!
diff --git a/roles/vpn/templates/client_ipsec.conf.j2 b/roles/vpn/templates/client_ipsec.conf.j2
index 2df16053..8a12d7de 100644
--- a/roles/vpn/templates/client_ipsec.conf.j2
+++ b/roles/vpn/templates/client_ipsec.conf.j2
@@ -7,8 +7,8 @@ conn ikev2-{{ IP_subject_alt_name }}
     dpddelay=35s
 
 {% if Win10_Enabled is defined and Win10_Enabled == "Y" %}
-    ike={{ ciphers.windows.ike }}
-    esp={{ ciphers.windows.esp }}
+    ike={{ ciphers.compat.ike }}
+    esp={{ ciphers.compat.esp }}
 {% else %}
     ike={{ ciphers.defaults.ike }}
     esp={{ ciphers.defaults.esp }}
diff --git a/roles/vpn/templates/ipsec.conf.j2 b/roles/vpn/templates/ipsec.conf.j2
index 32baddfb..03211b94 100644
--- a/roles/vpn/templates/ipsec.conf.j2
+++ b/roles/vpn/templates/ipsec.conf.j2
@@ -11,8 +11,8 @@ conn %default
     dpddelay=35s
 
 {% if Win10_Enabled is defined and Win10_Enabled == "Y" %}
-    ike={{ ciphers.windows.ike }}
-    esp={{ ciphers.windows.esp }}
+    ike={{ ciphers.compat.ike }}
+    esp={{ ciphers.compat.esp }}
 {% else %}
     ike={{ ciphers.defaults.ike }}
     esp={{ ciphers.defaults.esp }}