diff --git a/lfd_encrypt.c b/lfd_encrypt.c
index e45f6fd..86bcc38 100644
--- a/lfd_encrypt.c
+++ b/lfd_encrypt.c
@@ -48,10 +48,17 @@ init_nonce(unsigned char *nonce, size_t nonce_size)
         sleep(SLEEP_WHEN_CLOCK_IS_OFF);
         randombytes_buf(nonce, nonce_size);
     } else {
-        randombytes_buf(nonce + 4, nonce_size - 4);
-        now <<= 2;
-        memcpy(nonce, &now, 3);
-        nonce[3] = (nonce[3] & 0x3) ^ *(((unsigned char *) &now) + 3);
+        randombytes_buf(nonce, nonce_size - 3);
+        nonce[nonce_size - 1] = (unsigned char) (now >> 22);
+        nonce[nonce_size - 2] = (unsigned char) (now >> 14);
+        nonce[nonce_size - 3] = (unsigned char) (now >> 6);
+        nonce[nonce_size - 4] =
+            (unsigned char) (now << 2) ^ (nonce[nonce_size - 4] & 0x3);
+    }
+    if (vtun.svr != 0) {
+        nonce[nonce_size - 1] |= 0x80;
+    } else {
+        nonce[nonce_size - 1] &= ~0x80;
     }
     return 0;
 }
diff --git a/main.c b/main.c
index cc59b27..74b108b 100644
--- a/main.c
+++ b/main.c
@@ -66,7 +66,7 @@ int is_rmt_fd_connected=1;
 
 int main(int argc, char *argv[], char *env[])
 {
-     int svr, daemon, sock, fd, opt;
+     int daemon, sock, fd, opt;
 #if defined(HAVE_WORKING_FORK) || defined(HAVE_WORKING_VFORK)
      int dofork;
 #endif
@@ -75,7 +75,7 @@ int main(int argc, char *argv[], char *env[])
      char *hst;
 
      /* Configure default settings */
-     svr = 0; daemon = 1; sock = 0;
+     daemon = 1; sock = 0;
 #if defined(HAVE_WORKING_FORK) || defined(HAVE_WORKING_VFORK)
      dofork = 1;
 #endif
@@ -94,6 +94,7 @@ int main(int argc, char *argv[], char *env[])
      vtun.svr_name = NULL;
      vtun.svr_addr = NULL;
      vtun.bind_addr.port = -1;
+     vtun.svr = 0;
      vtun.svr_type = -1;
      vtun.syslog   = LOG_DAEMON;
 
@@ -122,7 +123,7 @@ int main(int argc, char *argv[], char *env[])
 #ifdef HAVE_WORKING_FORK
 	    case 's':
 #endif
-		svr = 1;
+		vtun.svr = 1;
 		break;
 	    case 'L':
 		vtun.svr_addr = strdup(optarg);
@@ -158,9 +159,9 @@ int main(int argc, char *argv[], char *env[])
  	openlog("vtund", LOG_PID|LOG_NDELAY|LOG_PERROR, vtun.syslog);
      }
 
-	clear_nat_hack_flags(svr);
+	clear_nat_hack_flags(vtun.svr);
 
-     if(!svr){
+     if(!vtun.svr){
 	if( argc - optind < 2 ){
 	   usage();
            exit(1);
@@ -225,7 +226,7 @@ int main(int argc, char *argv[], char *env[])
 	chdir("/");
      }
 
-     if(svr){
+     if(vtun.svr){
         memset(&sa,0,sizeof(sa));
         sa.sa_handler=reread_config;
         sigaction(SIGHUP,&sa,NULL);
diff --git a/vtun.h b/vtun.h
index cd58820..f416877 100644
--- a/vtun.h
+++ b/vtun.h
@@ -204,6 +204,7 @@ struct vtun_opts {
    char *svr_name;       /* Server's host name */
    char *svr_addr;       /* Server's address (string) */
    struct vtun_addr bind_addr;	 /* Server should listen on this address */
+   int  svr;		 /* 0=process is a client 1=process is a server */
    int  svr_type;	 /* Server mode */
    int  syslog; 	 /* Facility to log messages to syslog under */
    int  quiet;		 /* Be quiet about common errors */