Chapter 5 Compliance : Configuring FortiGate units for PCI DSS compliance : Protecting communicated cardholder data : Configuring SSL VPN security
  
Configuring SSL VPN security
The SSL VPN configuration includes a choice of encryption algorithm. Go to VPN > SSL > Config. The Default selection, RC4 (128 bits) is acceptable, but the High option, AES (128/256 bits) and 3DES is more secure. The Low option, RC4 (64 bits), DES and higher does not meet PCI DSS requirements.