diff --git a/akka-docs/rst/project/migration-guide-2.3.x-2.4.x.rst b/akka-docs/rst/project/migration-guide-2.3.x-2.4.x.rst index f961fb3ff8..ba2b2b4b4b 100644 --- a/akka-docs/rst/project/migration-guide-2.3.x-2.4.x.rst +++ b/akka-docs/rst/project/migration-guide-2.3.x-2.4.x.rst @@ -167,6 +167,12 @@ Secure Cookies `Secure cookies` feature was deprecated. +AES128CounterInetRNG and AES256CounterInetRNG are Deprecated +============================================================ + +Use ``AES128CounterSecureRNG`` or ``AES256CounterSecureRNG`` as +``akka.remote.netty.ssl.security.random-number-generator``. + Microkernel is Deprecated ========================= diff --git a/akka-remote/src/main/resources/reference.conf b/akka-remote/src/main/resources/reference.conf index 063188431d..ea260af153 100644 --- a/akka-remote/src/main/resources/reference.conf +++ b/akka-remote/src/main/resources/reference.conf @@ -507,8 +507,10 @@ akka { # "AES128CounterSecureRNG" => fastest startup and based on AES encryption # algorithm # "AES256CounterSecureRNG" - # The following use one of 3 possible seed sources, depending on - # availability: /dev/random, random.org and SecureRandom (provided by Java) + # + # The following are deprecated in Akka 2.4. They use one of 3 possible + # seed sources, depending on availability: /dev/random, random.org and + # SecureRandom (provided by Java) # "AES128CounterInetRNG" # "AES256CounterInetRNG" (Install JCE Unlimited Strength Jurisdiction # Policy Files first) diff --git a/akka-remote/src/main/scala/akka/remote/security/provider/AES128CounterInetRNG.scala b/akka-remote/src/main/scala/akka/remote/security/provider/AES128CounterInetRNG.scala index af13da46c8..0307c1ade1 100644 --- a/akka-remote/src/main/scala/akka/remote/security/provider/AES128CounterInetRNG.scala +++ b/akka-remote/src/main/scala/akka/remote/security/provider/AES128CounterInetRNG.scala 
@@ -13,6 +13,7 @@ import SeedSize.Seed128 * Depending on availability: random.org, /dev/random, and SecureRandom (provided by Java) * The only method used by netty ssl is engineNextBytes(bytes) */ +@deprecated("Use AES128CounterSecureRNG instead", "2.4") class AES128CounterInetRNG extends java.security.SecureRandomSpi { private val rng = new AESCounterRNG(engineGenerateSeed(Seed128)) diff --git a/akka-remote/src/main/scala/akka/remote/security/provider/AES256CounterInetRNG.scala b/akka-remote/src/main/scala/akka/remote/security/provider/AES256CounterInetRNG.scala index 6b3657bb55..126073085f 100644 --- a/akka-remote/src/main/scala/akka/remote/security/provider/AES256CounterInetRNG.scala +++ b/akka-remote/src/main/scala/akka/remote/security/provider/AES256CounterInetRNG.scala @@ -13,6 +13,7 @@ import SeedSize.Seed256 * Depending on availability: random.org, /dev/random, and SecureRandom (provided by Java) * The only method used by netty ssl is engineNextBytes(bytes) */ +@deprecated("Use AES256CounterSecureRNG instead", "2.4") class AES256CounterInetRNG extends java.security.SecureRandomSpi { private val rng = new AESCounterRNG(engineGenerateSeed(Seed256)) diff --git a/akka-remote/src/main/scala/akka/remote/security/provider/InternetSeedGenerator.scala b/akka-remote/src/main/scala/akka/remote/security/provider/InternetSeedGenerator.scala index 28495070df..8c26fa27b9 100644 --- a/akka-remote/src/main/scala/akka/remote/security/provider/InternetSeedGenerator.scala +++ b/akka-remote/src/main/scala/akka/remote/security/provider/InternetSeedGenerator.scala @@ -25,6 +25,7 @@ import scala.collection.immutable * current operating environment. * @author Daniel Dyer */ +@deprecated("Use another seed generator instead", "2.4") object InternetSeedGenerator { /** * @return The singleton instance of this class. 
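Review bot: The annotation added to `InternetSeedGenerator` says only `"Use another seed generator instead"`, which names no replacement and gives no reason, unlike the two class-level annotations earlier in this commit. The class docs in the same commit list random.org among the seed sources, so the reason appears to be that seed material can come from outside the host; if that is the intent, the message should say so. A possible wording is `@deprecated("Seed may be obtained from a remote service; use AES128CounterSecureRNG or AES256CounterSecureRNG instead", "2.4")`. The object body continues outside the hunk.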
diff --git a/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala b/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala index a735ca5561..8bd0208d7f 100644 --- a/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala +++ b/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala @@ -67,16 +67,20 @@ private[akka] object NettySSLSupport { def initializeCustomSecureRandom(rngName: Option[String], log: LoggingAdapter): SecureRandom = { val rng = rngName match { - case Some(r @ ("AES128CounterSecureRNG" | "AES256CounterSecureRNG" | "AES128CounterInetRNG" | "AES256CounterInetRNG")) ⇒ + case Some(r @ ("AES128CounterSecureRNG" | "AES256CounterSecureRNG")) ⇒ log.debug("SSL random number generator set to: {}", r) SecureRandom.getInstance(r, AkkaProvider) + case Some(r @ ("AES128CounterInetRNG" | "AES256CounterInetRNG")) ⇒ + log.warning("SSL random number generator {} is deprecated, " + + "use AES128CounterSecureRNG or AES256CounterSecureRNG instead", r) + SecureRandom.getInstance(r, AkkaProvider) case Some(s @ ("SHA1PRNG" | "NativePRNG")) ⇒ log.debug("SSL random number generator set to: " + s) // SHA1PRNG needs /dev/urandom to be the source on Linux to prevent problems with /dev/random blocking // However, this also makes the seed source insecure as the seed is reused to avoid blocking (not a problem on FreeBSD). SecureRandom.getInstance(s) case Some(unknown) ⇒ - log.debug("Unknown SSLRandomNumberGenerator [{}] falling back to SecureRandom", unknown) + log.warning("Unknown SSLRandomNumberGenerator [{}] falling back to SecureRandom", unknown) new SecureRandom case None ⇒ log.debug("SSLRandomNumberGenerator not specified, falling back to SecureRandom")
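Review bot: The new warning in the `AES128CounterInetRNG` / `AES256CounterInetRNG` branch tells the operator what to switch to but not why, and the branch still calls `SecureRandom.getInstance(r, AkkaProvider)`, so the TLS generator keeps using the deprecated seeding path. The class docs elsewhere in this commit list random.org among the seed sources, so seed material for SSL can come from a remote service rather than the local OS. If that is the reason for the deprecation, the message should say so, so the log line can be triaged as a security item, e.g. `"SSL random number generator {} is deprecated because its seed may be fetched from a remote source, use AES128CounterSecureRNG or AES256CounterSecureRNG instead"`. As a style point, the context line `log.debug("SSL random number generator set to: " + s)` concatenates where every other call in the match uses a `{}` placeholder. The body of `initializeCustomSecureRandom` runs past the end of the hunk.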