diff --git a/add_external_hardware_to_vpn.md b/add_external_hardware_to_vpn.md index 6659d73..fd942be 100644 --- a/add_external_hardware_to_vpn.md +++ b/add_external_hardware_to_vpn.md @@ -1,9 +1,10 @@ # Add external servers to vpn -- In the Fedora Infra Ansible repo edit the file roles/batcave/files/allows. +- In the Fedora Infra Ansible repo edit the file **roles/batcave/files/allows**. Under the correct section add **require ip** ****** -- When this change is pushed run the batcave ansible playbook on the batcave. +- When this change is pushed run the batcave ansible playbook on the batcave. +You will need sysadmin-main access for this - Create openvpn and 2fa certificates for the new server. This requires sysadmin main access @@ -13,18 +14,19 @@ This requires sysadmin main access - In the dns repo on batcave edit the file master/168.192.in-addr.arpa Add the new host to one of the unused adresses. -Don't forget to update teh serial before saving. +Ensure the hostname ends in .vpn.fedoraproject.org. +Don't forget to update the serial before saving. - Also edit the master/vpn.fedoraproject.org file to add the server with the new 192.168.*.* address created in the previous step to the required section -Don't forget to update teh serial before saving. +Don't forget to update the serial before saving. - When the above edits are done follow the instructions in the DNS sysadmin sop about signing and pushing new dns chnages. > https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/dns.html#editing-the-domain-s - Finally in the Fedora Infra Ansible repo add a new file -roles/openvpn/server/files/ccd/** with the new 192.168.*.* address. +**roles/openvpn/server/files/ccd/**** with the new 192.168.*.* address. View one of the existing files in the repo for a sample of formatting. This change will be run when the server is provisioned.
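Review bot: In the first hunk, the added sentence "You will need sysadmin-main access for this" writes the group as "sysadmin-main", while the unchanged line a little further down still says "This requires sysadmin main access". Use one spelling in both places and end the new sentence with a period. The removed and added "When this change is pushed run the batcave ansible playbook on the batcave." lines read identically, so that change appears to be whitespace-only. If it is a trailing-space line break, indenting the access note under the bullet would make the intent visible in the source rather than relying on invisible characters. The context line "Under the correct section add **require ip** ******" ends in a bare run of asterisks, which suggests a placeholder was swallowed by the emphasis markup. Inline code for the path and the directive would avoid that.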
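Review bot: In the second hunk, the added line "Ensure the hostname ends in .vpn.fedoraproject.org." sits under the master/168.192.in-addr.arpa step, and it is unclear whether the final period is sentence punctuation or the trailing dot of a fully qualified name. In a reverse zone file a PTR target without the trailing dot has the zone origin appended, so the instruction should say explicitly that the name is written with the trailing dot, ideally in inline code. The new "**roles/openvpn/server/files/ccd/**** with ..." line wraps a path that already ends in asterisks in more asterisks. That will not render reliably as bold and hides whatever placeholder follows ccd/, so backticks plus an explicit placeholder name would be clearer. Since this hunk already fixes "teh", the remaining typos in its context lines ("adresses", "chnages") could be fixed in the same patch.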