diff --git a/gestion/config.py b/gestion/config.py
index 88107007..aa70522f 100644
--- a/gestion/config.py
+++ b/gestion/config.py
@@ -43,6 +43,7 @@ cimetiere = '/home/cimetiere'
 ## Adresses mac utiles
 mac_komaz = '00:19:BB:31:3B:80'
 mac_wifi = '00:e0:81:58:d1:39'
+mac_titanic = 'aa:73:65:63:6f:76'
 ## Serveur principal de cfengine
 cfengine_main = "vert.adm.crans.org"
diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py
index 66f03369..2099f05e 100755
--- a/gestion/gen_confs/firewall.py
+++ b/gestion/gen_confs/firewall.py
@@ -35,7 +35,7 @@ from ldap_crans import AssociationCrans, Machine, MachineWifi
 from affich_tools import *
 from commands import getstatusoutput
 from iptools import AddrInNet, NetSubnets, IpSubnet
-from config import NETs, mac_komaz, mac_wifi, conf_fw, p2p
+from config import NETs, mac_komaz, mac_wifi, mac_titanic, conf_fw, p2p
 syslog.openlog('firewall')
 debug = 1
@@ -256,6 +256,13 @@ class firewall_crans :
 # Machine wifi, c'est la mac de Nectaris
 iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
 "%s -m mac --mac-source %s -j RETURN"%(ip, mac_wifi))
+ elif machine.nom() == "ovh.adm.crans.org":
+ # Pour ovh, on met les MACs de komaz et de titanic
+ # qui font proxy ARP
+ iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
+ "%s -m mac --mac-source %s -j RETURN"%(ip, mac_komaz))
+ iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
+ "%s -m mac --mac-source %s -j RETURN"%(ip, mac_titanic))
 else:
 # Machine fixe
 iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
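Review bot: In the firewall.py hunk at -256, the new `elif machine.nom() == "ovh.adm.crans.org":` branch makes TEST_MAC-IP return for that source IP whenever the frame arrives from komaz or titanic, so for this address the MAC/IP binding only proves that the last layer-2 hop was one of the two proxy-ARP routers, not that the packet came from ovh. That looks intended, but the comment should state the trade-off and where the source address is actually validated, e.g. `# MAC check only identifies the relaying router here; anti-spoofing for this IP must be enforced on komaz/titanic`. The hostname is hard-coded in the rule generator while the MACs live in config.py; a constant next to `mac_titanic` would keep the exception visible in one place, and the two identical calls could be written as `for mac in (mac_komaz, mac_titanic):`. `mac_titanic = 'aa:73:65:63:6f:76'` is a locally administered address, so it is presumably assigned in software, and a comment on the constant saying where it is set would help because the rule silently stops matching if that value changes. The enclosing method of `firewall_crans` starts and ends outside the hunk.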