diff --git a/heat/Tunnel_Exercise/Tunnel_V3.yaml b/heat/Tunnel_Exercise/Tunnel_V3.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9d1302a0309a68dc3256ba1b6b7e011067d6d797
--- /dev/null
+++ b/heat/Tunnel_Exercise/Tunnel_V3.yaml
@@ -0,0 +1,264 @@
+heat_template_version: 2018-08-31
+
+description: T10 Student Tunnel Environment
+
+parameters:
+
+  assign_ip:
+    type: string
+    label: Assign IP addresses
+    description: Set an octet for every IP address in the stack
+    constraints:
+      -  allowed_pattern: "[1][0-9][0-9]"
+         description: Number must be between 100 and 199
+
+  root_password:
+    type: string
+    label: Root Password
+    description: root/administrator password for all VMs
+    hidden: false
+    default: changeme
+    constraints:
+      -  length: { min: 8, max: 20 }
+         description: Password must be between 8 and 20 characters
+      -  allowed_pattern: "[a-zA-Z0-9]*"
+         description: Password may not contain special characters
+
+resources:
+
+  base-network:
+    type: OS::Neutron::Net
+    properties:
+      name: base-network
+      port_security_enabled: false
+
+  base-subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      allocation_pools:
+        - start:
+            str_replace:
+              template: 10.AssignIP.0.5
+              params:
+                AssignIP: { get_param: assign_ip }
+          end:
+            str_replace:
+              template: 10.AssignIP.0.250
+              params:
+                AssignIP: { get_param: assign_ip }
+      cidr:
+        str_replace:
+          template: 10.AssignIP.0.0/24
+          params:
+            AssignIP: { get_param: assign_ip }
+      gateway_ip:
+        str_replace:
+          template: 10.AssignIP.0.254
+          params:
+            AssignIP: { get_param: assign_ip }
+      network: { get_resource: base-network }
+      dns_nameservers: [ 10.50.255.254 ]
+      name: base-subnet
+
+#Create route to the interwebies
+
+  base-router:
+    type: OS::Neutron::Router
+    properties:
+      name: base_router
+      external_gateway_info: {"network": public}
+
+  base-router-interface:
+    type:  OS::Neutron::RouterInterface
+    properties:
+      router_id: { get_resource: base-router }
+      subnet_id: { get_resource: base-subnet }
+
+#Build the floating ip
+
+  T1-access-float-ip:
+    type: OS::Neutron::FloatingIP
+    properties:
+      floating_network: public
+
+#Create the interface for the Float IP
+
+  T1-access-float-port:
+    type: OS::Neutron::Port
+    depends_on: sec-group
+    properties:
+      port_security_enabled: false
+      network_id: { get_resource: base-network }
+      fixed_ips:
+      - subnet_id: { get_resource: base-subnet }
+        ip_address:
+          str_replace:
+            template: 10.AssignIP.0.99
+            params:
+              AssignIP: { get_param: assign_ip }   
+
+#Associate floating ip with the port
+
+  T1-access-ip-to-port-assoc:
+    type: OS::Neutron::FloatingIPAssociation
+    properties:
+      floatingip_id: {get_resource: T1-access-float-ip}
+      port_id: {get_resource: T1-access-float-port}
+
+#Define ports/protocols student can access over floating ip
+
+  sec-group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      description: Enable what ports student can communicate with box on
+      name: All the Things
+      rules: [{"port_range_max": 65535,"port_range_min": 1, "protocol":TCP, "direction":ingress, "direction":egress},{"port_range_max": 65535,"port_range_min": 1, "protocol":UDP, "direction":ingress, "direction":egress},{"protocol":ICMP, "direction":ingress, "direction":egress}]
+
+# Create interface for T7 so the beacon can work
+
+  BruceBannerT7-port:
+    type: OS::Neutron::Port
+    depends_on: sec-group
+    properties:
+      port_security_enabled: false
+      network_id: { get_resource: base-network }
+      fixed_ips:
+      - subnet_id: { get_resource: base-subnet }
+        ip_address:
+          str_replace:
+            template: 10.AssignIP.0.13
+            params:
+              AssignIP: { get_param: assign_ip }   
+
+  server1:
+    type: OS::Nova::Server
+    properties:
+      name: FrankCastle_T1
+      image: CentOS 7
+      flavor: cy.small
+      networks:
+        - port: { get_resource: T1-access-float-port }
+      user_data:
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: frankcastle
+            $additionalscript: | 
+              #!/bin/bash
+              echo "Hello" > /root/hello
+              exit
+      user_data_format: RAW
+
+  server2:
+    type: OS::Nova::Server
+    properties:
+      name: TonyStark_T2
+      image: CentOS 7
+      flavor: cy.small
+      networks: 
+        - network: { get_resource: base-network }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: tonystark
+      user_data_format: RAW   
+
+  server3:
+    type: OS::Nova::Server
+    properties:
+      name: WadeWilson_T3
+      image: CentOS 7
+      flavor: cy.small
+      networks: 
+        - network: { get_resource: base-network }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: wadewilson
+      user_data_format: RAW   
+
+  server4:
+    type: OS::Nova::Server
+    properties:
+      name: PeterParker_T4
+      image: CentOS 7
+      flavor: cy.small
+      networks: 
+        - network: { get_resource: base-network }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: peterparker
+      user_data_format: RAW   
+
+  server5:
+    type: OS::Nova::Server
+    properties:
+      name: MattMurdock_T5
+      image: CentOS 7
+      flavor: cy.small
+      networks: 
+        - network: { get_resource: base-network }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: mattmurdock
+      user_data_format: RAW  
+ 
+  server6:
+    type: OS::Nova::Server
+    properties:
+      name: StephenStrange_T6
+      image: CentOS 7
+      flavor: cy.small
+      networks: 
+        - network: { get_resource: base-network }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: stephenstrange
+      user_data_format: RAW 
+  
+  server7:
+    type: OS::Nova::Server
+    properties:
+      name: BruceBanner_T7
+      image: CentOS 7
+      flavor: cy.small
+      networks: 
+        - port: { get_resource: BruceBannerT7-port }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_nix_env.sh" }
+          params:
+            $password: { get_param: root_password }
+            $hostname: brucebanner
+      user_data_format: RAW
+
+  server8:
+    type: OS::Nova::Server
+    properties:
+      name: NatashaRomanoff_TW
+      image: Windows 1803
+      flavor: cy.mega
+      networks: 
+        - network: { get_resource: base-network }
+      user_data: 
+        str_replace:
+          template: { get_file: "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/base_tunnel_win_env.ps1" }
+          params:
+            $password: { get_param: root_password }
+            $ip: { get_param: assign_ip }
+            $hostname: natasharomanoff
+      user_data_format: RAW    
\ No newline at end of file
diff --git a/heat/environment_scripts/base_tunnel_nix_env.sh b/heat/environment_scripts/base_tunnel_nix_env.sh
index 135eb9362793bcbdb5b0a413a83f2aa6f42766b5..2e261f430d91cec48f1fdd605c77f15b8ef3854b 100644
--- a/heat/environment_scripts/base_tunnel_nix_env.sh
+++ b/heat/environment_scripts/base_tunnel_nix_env.sh
@@ -9,4 +9,5 @@ mkdir /etc/iptables
 iptables-save > /etc/iptables/rules.v4
 iptables-restore < /etc/iptables/rules.v4
 sed -i 's#exit 0#iptables-restore < /etc/iptables/rules.v4#g' /etc/rc.local
-service rsyslog restart
\ No newline at end of file
+service rsyslog restart
+$additionalscript
\ No newline at end of file
diff --git a/heat/environment_scripts/base_tunnel_win_env.ps1 b/heat/environment_scripts/base_tunnel_win_env.ps1
index 34cbf7283a6ba11e93ba6472b99809ff31d6ecf9..ac38284fd405b2915c6da7a9dd15f3bff9dfae69 100644
--- a/heat/environment_scripts/base_tunnel_win_env.ps1
+++ b/heat/environment_scripts/base_tunnel_win_env.ps1
@@ -1,4 +1,5 @@
 #ps1_sysnative
+$ErrorActionPreference = 'SilentlyContinue'
 Set-executionpolicy unrestricted all
 netsh advfirewall set allprofiles state off
 net user administrator $password
@@ -17,14 +18,6 @@ Set-Service -Name sshd -StartupType 'Automatic'
 mkdir C:\Tools
 invoke-webrequest -uri "10.50.20.121/software4/netcat.zip" -outfile "C:\Tools\netcat.zip"
 Expand-Archive -LiteralPath 'C:\Tools\netcat.zip' -DestinationPath 'C:\Tools\netcat'
-echo "while ($true)" >> C:\Tools\beacon.ps1
-echo "{" >> C:\Tools\beacon.ps1
-echo "[int]$port = 12301" >> C:\Tools\beacon.ps1
-echo "while ($port -gt "12300" -and $port -lt "12325")" >> C:\Tools\beacon.ps1
-echo "    {echo "Congrats! You are an 31337 H4x0r!" | C:\Tools\netcat\nc.exe -w 1 10.169.0.13 $port" >> C:\Tools\beacon.ps1
-echo "     sleep 1" >> C:\Tools\beacon.ps1
-echo "     $port = $port + 1" >> C:\Tools\beacon.ps1
-echo "     }" >> C:\Tools\beacon.ps1
-echo "}" >> C:\Tools\beacon.ps1
+invoke-webrequest -uri "https://git.cybbh.space/t10/public/raw/master/heat/environment_scripts/nc_beacon.ps1" -outfile "C:\Tools\beacon.ps1"
 powershell -ExecutionPolicy Bypass -file "C:\Tools\beacon.ps1"
 exit 1001
\ No newline at end of file
diff --git a/heat/environment_scripts/nc_beacon.ps1 b/heat/environment_scripts/nc_beacon.ps1
new file mode 100644
index 0000000000000000000000000000000000000000..60fa54467e6bdb9d362ca0e97eb3f7d63d1f53e0
--- /dev/null
+++ b/heat/environment_scripts/nc_beacon.ps1
@@ -0,0 +1,9 @@
+while ($true)
+{
+[int]$port = 12301
+while ($port -gt "12300" -and $port -lt "12325")
+{echo "Congrats! You are an 31337 H4x0r!" | C:\Tools\netcat\nc.exe -w 1 10.169.0.13 $port
+sleep 1
+$port = $port + 1
+}
+}
\ No newline at end of file