diff --git a/.gitignore b/.gitignore
index fa5d35b..14f22a8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 ansible-facts.json/
+switch-configs-stock/
 *.html
diff --git a/playbook_create_switch_configs_stock.yml b/playbook_create_switch_configs_stock.yml
new file mode 100644
index 0000000..4876ec3
--- /dev/null
+++ b/playbook_create_switch_configs_stock.yml
@@ -0,0 +1,16 @@
+---
+- name: generate configuration for stock firmware
+  hosts:
+    - switches_stock
+  gather_facts: no
+  connection: local
+  tasks:
+    - name: create output directory
+      file:
+        state: directory
+        path: switch-configs-stock/
+
+    - name: generate configuration
+      template:
+        src: templates/gs1900-10hp-stock.cfg.j2
+        dest: "switch-configs-stock/{{ inventory_hostname }}.cfg"
diff --git a/templates/gs1900-10hp-stock.cfg.j2 b/templates/gs1900-10hp-stock.cfg.j2
new file mode 100644
index 0000000..fb696e9
--- /dev/null
+++ b/templates/gs1900-10hp-stock.cfg.j2
@@ -0,0 +1,126 @@
+! System Description: ZyXEL GS1900-10HP Switch
+! Revision: 
+! Serial Number: 
+! MAC Address Range: 
+! Boot Version: 
+! Firmware Version: 
+! System Up Time: 
+!
+!
+!
+system name "{{ inventory_hostname }}"
+ip address {{ ip }} mask 255.255.255.0
+ip default-gateway 10.85.1.1
+ip dns 10.85.1.1 0.0.0.0
+username "admin" password {{ lookup('passwordstore', 'switches/{{ inventory_hostname }}') }}
+vlan 1
+ name "mgmt"
+vlan 2
+ name "clients"
+vlan 3
+ name "wan"
+vlan 8
+ name "backoffice"
+voice-vlan oui-table 00:E0:BB "3COM"
+voice-vlan oui-table 00:03:6B "Cisco"
+voice-vlan oui-table 00:E0:75 "Veritel"
+voice-vlan oui-table 00:D0:1E "Pingtel"
+voice-vlan oui-table 00:01:E3 "Siemens"
+voice-vlan oui-table 00:60:B9 "NEC/Philips"
+voice-vlan oui-table 00:0F:E2 "H3C"
+voice-vlan oui-table 00:09:6E "Avaya"
+!
+!
+!
+!
+!
+spanning-tree mst configuration
+ name "{{ base_mac }}"
+!
+!
+!
+no snmp community "public"
+snmp community "{{ lookup('passwordstore', 'snmp-community') }}"  ro
+!
+!
+ip ssh
+!
+!
+management access-list default
+!
+interface lag1
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag2
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag3
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag4
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag5
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag6
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag7
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface lag8
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 1
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 2
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 3
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 4
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 5
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 6
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 7
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 8
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 9
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+interface 10
+ switchport hybrid ingress-filtering
+ switchport hybrid allowed vlan add 2-3,8 tagged
+!
+!
+!
+!
+