diff --git a/freeradius/auth.py b/freeradius/auth.py
index fc32039f..5e544063 100644
--- a/freeradius/auth.py
+++ b/freeradius/auth.py
@@ -114,8 +114,10 @@ def get_machines(data, conn, is_wifi=True, proprio=None):
 username = username[:-len(suffix)]
 if mac is None:
+ logger.error('Cannot read mac from AP')
 radiusd.radlog(radiusd.L_ERR, 'Cannot read client MAC from AP !')
 if username is None:
+ logger.error('Cannot read username')
 radiusd.radlog(radiusd.L_ERR, 'Cannot read client User-Name !')
 # Liste de recherches ldap à essayer, dans l'ordre
@@ -139,6 +141,9 @@ def get_machines(data, conn, is_wifi=True, proprio=None):
 res = conn.search(u'(&%s(macAddress=)(host=%s%s))' % (base, username, suffix), **opt)
+ if TEST_SERVER:
+ res += conn.search(u'(&%s(host=%s%s))' %
+ (base, username, suffix), **opt)
 return res
 def get_prise_chbre(data):
@@ -252,10 +257,12 @@ def authorize_wifi(data):
 items = get_machines(data)
 if not items:
+ logger.error('Nobody found')
 radiusd.radlog(radiusd.L_ERR, 'lc_ldap: Nobody found')
 return radiusd.RLM_MODULE_NOTFOUND
 if len(items) > 1:
+ logger.error('Too many results')
 radiusd.radlog(radiusd.L_ERR, 'lc_ldap: Too many results (took first)')
 machine = items[0]
@@ -302,6 +309,27 @@ def authorize_fil(data):
 )
 @radius_event
+def authorize_nas(data):
+ """Remplis le mdp d'une borne"""
+ password = "passoirtototo"
+ logger.debug('nas_auth with %r' % data)
+
+ ip = data.get('NAS-Identifier', '')
+ ip_stm = ("FreeRADIUS-Client-IP%s-Address" % ('v6' if ':' in ip else ''), ip)
+
+ return (radiusd.RLM_MODULE_OK,
+ (),
+ (
+ ip_stm,
+ ("FreeRADIUS-Client-Require-MA", "no"),
+ ("FreeRADIUS-Client-Secret", password),
+ ("FreeRADIUS-Client-Shortname", "wifi"),
+ ("FreeRADIUS-Client-NAS-Type", "other"),
+ # On teste avec une équipe qui marche
+ ("FreeRADIUS-Client-Virtual-Server", "inner-tunnel"),
+ ),
+ )
+@radius_event
 def post_auth_wifi(data):
 """Appelé une fois que l'authentification est ok. On peut rajouter quelques éléments dans la réponse radius ici.
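Review bot: The search added under `if TEST_SERVER:` drops the `macAddress` clause, so with that flag set any record whose `host` matches is returned whatever MAC the request carried. Where `TEST_SERVER` is set is not visible in this hunk, so it should be confirmed that it can never be true on a production server, and the branch deserves a comment such as `# test servers only: skips the MAC check`. A record that matched the preceding search will presumably match this one as well and then appear twice in `res`, which sends `authorize_wifi` down its 'Too many results' path. Both the existing and the new filter interpolate `username` with `%` and no escaping; if python-ldap is importable in this module, passing the value through `ldap.filter.escape_filter_chars(username)` before formatting would keep a crafted User-Name from changing the filter. The start of `get_machines` is outside the hunk.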
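Review bot: `authorize_nas` hard-codes the RADIUS shared secret (`password = "passoirtototo"`) and returns it as `FreeRADIUS-Client-Secret`, so the secret is now in version control and is the same for every client this function registers. It should be read from a file outside the repository that only the FreeRADIUS user can read, and the committed value treated as disclosed and rotated. The client address is taken from `NAS-Identifier`, a free-form attribute chosen by the sender, and is returned without validation; unless the dynamic-client network definition (not visible here) already restricts the source range, the value should be parsed as an IP address and checked against the expected access-point networks, returning `radiusd.RLM_MODULE_NOTFOUND` otherwise. `logger.debug('nas_auth with %r' % data)` writes the whole request to the log, which is worth trimming to the fields actually needed. A blank line before the added `@radius_event` would match the spacing of the other handlers.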
diff --git a/freeradius/rlm_python_nas.conf b/freeradius/rlm_python_nas.conf
new file mode 100644
index 00000000..1039f2fc
--- /dev/null
+++ b/freeradius/rlm_python_nas.conf
@@ -0,0 +1,35 @@
+# Configuration for the Python module.
+#
+#
+
+python crans_nas {
+ mod_instantiate = freeradius.auth
+ func_instantiate = instantiate
+
+ # Spécifique NAS : rempli le mdp
+ mod_authorize = freeradius.auth
+ func_authorize = authorize_nas
+
+ # Que faire avant de quitter
+ mod_detach = freeradius.auth
+ func_detach = detach
+
+ # Le reste est dumb et inutile
+ mod_post_auth = freeradius.auth
+ func_post_auth = dummy_fun
+
+ mod_accounting = freeradius.auth
+ func_accounting = dummy_fun
+
+ mod_pre_proxy = freeradius.auth
+ func_pre_proxy = dummy_fun
+
+ mod_post_proxy = freeradius.auth
+ func_post_proxy = dummy_fun
+
+ mod_recv_coa = freeradius.auth
+ func_recv_coa = dummy_fun
+
+ mod_send_coa = freeradius.auth
+ func_send_coa = dummy_fun
+}
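Review bot: The header comment of `python crans_nas` does not say that this instance is meant only for client lookup, although its `func_authorize = authorize_nas` returns `FreeRADIUS-Client-*` attributes, including the shared secret, rather than a user authorization decision. Listing it in the `authorize` section of an ordinary virtual server would therefore answer `RLM_MODULE_OK` for any request. I would replace the two empty `#` lines with a comment along the lines of `# Client lookup only: authorize_nas returns FreeRADIUS-Client-* attributes (including the secret); do not call from a user-facing authorize section.`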