From 0e80cb2685e40728980350e6a4b352d2ca63971d Mon Sep 17 00:00:00 2001
From: Josh Tamayo <xtrapwr@gmail.com>
Date: Tue, 4 Apr 2017 14:33:15 -0400
Subject: [PATCH] Update Powershell Instructions for VPN connection

Update the Powershell instructions for creating the Windows VPN
connection.  Clarfied requirement that Powershell run as Administrator,
and additional steps required to update the Execution Policies for
PowerShell.
---
 README.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 7ec99814..60cd4f2e 100644
--- a/README.md
+++ b/README.md
@@ -101,7 +101,14 @@ You need to install the [strongSwan VPN Client for Android 4 and newer](https://
 
 ### Windows
 
-Copy the CA certificate, user certificate, and the user PowerShell script to the client computer. Import the CA certificate to the local machine Trusted Root certificate store. Then, run the included PowerShell script to import the user certificate, set up a VPN connection, and activate stronger ciphers on it.
+Copy the CA certificate, user certificate, and the user PowerShell script to the client computer. Import the CA certificate to the local machine Trusted Root certificate store. Then, run the included PowerShell script to import the user certificate, set up a VPN connection, and activate stronger ciphers on it. The powershell script has to be run as administrator, so first open Powershell as Administrator.  Additionally, if you have never used powershell before, you will need to change the Execution Policy to allow unsigned scripts to run.  Execute the following command in Powershell to do so.
+```powershell
+Set-ExecutionPolicy Unrestricted -Scope CurrentUser
+```
+For local machine security, revert the change after you run the script with the following.
+```powershell
+Set-ExecutionPolicy Restricted -Scope CurrentUser
+```
 
 If you want to perform these steps by hand, you will need to import the user certificate to the Personal certificate store, add an IKEv2 connection in the network settings, then activate stronger ciphers on it via the following PowerShell script: