diff --git a/doc/man-sections/cipher-negotiation.rst b/doc/man-sections/cipher-negotiation.rst
index 423b5ab6a..6e872962a 100644
--- a/doc/man-sections/cipher-negotiation.rst
+++ b/doc/man-sections/cipher-negotiation.rst
@@ -15,12 +15,15 @@ with a AUTH_FAILED message (as seen in client log):
 
     AUTH: Received control message: AUTH_FAILED,Data channel cipher negotiation failed (no shared cipher)
 
-OpenVPN 2.5 will only allow the ciphers specified in ``--data-ciphers``. To ensure
-backwards compatibility also if a cipher is specified using the ``--cipher`` option
-it is automatically added to this list. If both options are unset the default is
-:code:`AES-256-GCM:AES-128-GCM`. In 2.6 and later the default is changed to
+OpenVPN 2.5 and higher will only allow the ciphers specified in ``--data-ciphers``.
+ If ``--data-ciphers`` is not set the default is :code:`AES-256-GCM:AES-128-GCM`.
+In 2.6 and later the default is changed to
 :code:`AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305` when Chacha20-Poly1305 is available.
 
+For backwards compatibility OpenVPN 2.6.0 and later with ``--compat-mode 2.4.x``
+(or lower) or OpenVPN 2.5.x will automatically add a cipher specified using the
+``--cipher`` option to this list.
+
 OpenVPN 2.4 clients
 -------------------
 The negotiation support in OpenVPN 2.4 was the first iteration of the implementation