Skip to content

Belajar Mengkonfigurasi Secure GRE Tunnel

5 April 2010
Belajar Mengkonfigurasi Secure GRE Tunnel
Topology yang digunakan :


-----------------------------------------
Configure Addressing
Configure OSPF with process id 1

-----------------------------------------
Configure the GRE Tunnel
-----------------------------------------

cnc1(config)# interface tunnel 1
cnc1(config-if)# ip address 172.16.13.1 255.255.255.0
cnc1(config-if)# tunnel source fastethernet0/0
cnc1(config-if)# tunnel destination 192.168.20.2

cnc3(config)# interface tunnel 1
cnc3(config-if)# ip address 172.16.13.2 255.255.255.0
cnc3(config-if)# tunnel FastEthernet0/1
cnc3(config-if)# tunnel destination 192.168.10.65

untuk pengecekan : 

cnc1#ping 172.16.13.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
cnc1#

cnc3#ping 172.16.13.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
cnc3#
-----------------------------------------
-----------------------------------------

Configure EIGRP AS 1 over the Tunnel

cnc1(config)# router eigrp 1
cnc1(config-router)# no auto-summary
cnc1(config-router)# network 172.16.0.0

cnc3(config)# router eigrp 1
cnc3(config-router)# no auto-summary
cnc3(config-router)# network 172.16.0.0

untuk pengecekan : 

cnc1#sh ip eigrp neighbors
IP-EIGRP neighbors for process 1
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
 (sec)         (ms)       Cnt Num
0   172.16.13.2             Tu1               13 00:15:34    1  5000  0  5
cnc1#

IP-EIGRP neighbors for process 1
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
 (sec)         (ms)       Cnt Num
0   172.16.13.1             Tu1               11 00:15:07   56  5000  0  4
cnc3#

cnc1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 E1 - OSPF external type 1, E2 - OSPF external type 2
 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 ia - IS-IS inter area, * - candidate default, U - per-user static route
 o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

 192.168.10.0/30 is subnetted, 1 subnets
C       192.168.10.64 is directly connected, FastEthernet0/0
 172.16.0.0/24 is subnetted, 3 subnets
D       172.16.30.0 [90/297246976] via 172.16.13.2, 00:08:09, Tunnel1
C       172.16.13.0 is directly connected, Tunnel1
C       172.16.10.0 is directly connected, FastEthernet0/1
O    192.168.20.0/24 [110/2] via 192.168.10.66, 00:16:02, FastEthernet0/0
 10.0.0.0/32 is subnetted, 3 subnets
O       10.10.10.2 [110/2] via 192.168.10.66, 00:16:02, FastEthernet0/0
O       10.10.10.3 [110/3] via 192.168.10.66, 00:16:02, FastEthernet0/0
C       10.10.10.1 is directly connected, Loopback0
cnc1#sh ip route eigrp
 172.16.0.0/24 is subnetted, 3 subnets
D       172.16.30.0 [90/297246976] via 172.16.13.2, 00:08:18, Tunnel1
cnc1#

cnc3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 E1 - OSPF external type 1, E2 - OSPF external type 2
 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 ia - IS-IS inter area, * - candidate default, U - per-user static route
 o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

 192.168.10.0/30 is subnetted, 1 subnets
O       192.168.10.64 [110/2] via 192.168.20.1, 00:16:39, FastEthernet0/1
 172.16.0.0/24 is subnetted, 3 subnets
C       172.16.30.0 is directly connected, FastEthernet0/0
C       172.16.13.0 is directly connected, Tunnel1
D       172.16.10.0 [90/297246976] via 172.16.13.1, 00:11:06, Tunnel1
C    192.168.20.0/24 is directly connected, FastEthernet0/1
 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O       10.10.10.2/32 [110/2] via 192.168.20.1, 00:16:39, FastEthernet0/1
C       10.10.10.0/24 is directly connected, Loopback0
O       10.10.10.1/32 [110/3] via 192.168.20.1, 00:16:39, FastEthernet0/1
cnc3#sh ip route eigrp
 172.16.0.0/24 is subnetted, 3 subnets
D       172.16.10.0 [90/297246976] via 172.16.13.1, 00:11:11, Tunnel1
cnc3#
-----------------------------------------
-----------------------------------------


Create IKE Policies and Peers

cnc1(config)# crypto isakmp policy 10
cnc1(config-isakmp)# authentication pre-share
cnc1(config-isakmp)# encryption aes 256
cnc1(config-isakmp)# hash sha
cnc1(config-isakmp)# group 5
cnc1(config-isakmp)# lifetime 3600

cnc3(config)# crypto isakmp policy 10
cnc3(config-isakmp)# authentication pre-share
cnc3(config-isakmp)# encryption aes 256
cnc3(config-isakmp)# hash sha
cnc3config-isakmp)# group 5
cnc3(config-isakmp)# lifetime 3600

cnc1(config)# crypto isakmp key iwingganteng address 192.168.20.2

cnc3(config)# crypto isakmp key iwingganteng address 192.168.10.65
-----------------------------------------
-----------------------------------------

Create IPsec Transform Sets

cnc1(config)# crypto ipsec transform-set 50 ah-sha-hmac esp-aes 256 esp-sha-hmac
cnc(cfg-crypto-trans)# exit
cnc(config)#

cnc(config)# crypto ipsec transform-set 50 ah-sha-hmac esp-aes 256 esp-sha-hmac
cnc(cfg-crypto-trans)# exit
cnc(config)#

-----------------------------------------
-----------------------------------------
Define the Traffic to be Encrypted

cnc1(config)# access-list 101 permit gre host 192.168.10.65 host 192.168.20.2

cnc3(config)# access-list 101 permit gre host 192.168.20.2 host 192.168.10.65
-----------------------------------------
-----------------------------------------

Create and Apply Crypto Maps

cnc1(config)# crypto map iwingmap 10 ipsec-isakmp
cnc1(config-crypto-map)# match address 101
cnc1(config-crypto-map)# set peer 192.168.20.2
cnc1(config-crypto-map)# set transform-set 50
cnc1(config-crypto-map)# exit
cnc1(config)# interface fastethernet 0/0
cnc1(config-if)# crypto map iwingmap

cnc3(config)# crypto map iwingmap 10 ipsec-isakmp
cnc3(config-crypto-map)# match address 101
cnc3(config-crypto-map)# set peer 192.168.10.65
cnc3(config-crypto-map)# set transform-set 50
cnc3(config-crypto-map)# exit
cnc3(config)# interface fastethernet 0/1
cnc3(config-if)# crypto map iwingmap

untuk pengecekan :

cnc1#show crypto ipsec sa

interface: FastEthernet0/0
 Crypto map tag: iwingmap, local addr 192.168.10.65

 protected vrf: (none)
 local  ident (addr/mask/prot/port): (192.168.10.65/255.255.255.255/47/0)
 remote ident (addr/mask/prot/port): (192.168.20.2/255.255.255.255/47/0)
 current_peer 192.168.20.2 port 500
 PERMIT, flags={origin_is_acl,}
 #pkts encaps: 1136, #pkts encrypt: 1136, #pkts digest: 1136
 #pkts decaps: 1146, #pkts decrypt: 1146, #pkts verify: 1146
 #pkts compressed: 0, #pkts decompressed: 0
 #pkts not compressed: 0, #pkts compr. failed: 0
 #pkts not decompressed: 0, #pkts decompress failed: 0
 #send errors 1, #recv errors 0

 local crypto endpt.: 192.168.10.65, remote crypto endpt.: 192.168.20.2
 path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/0
 current outbound spi: 0x39A8D4D7(967365847)

 inbound esp sas:
 spi: 0x67B8F512(1740174610)
 transform: esp-256-aes esp-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3003, flow_id: NETGX:3, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4409912/543)
 IV size: 16 bytes
 replay detection support: Y
 Status: ACTIVE

 inbound ah sas:
 spi: 0xF0608700(4032857856)
 transform: ah-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3003, flow_id: NETGX:3, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4409912/542)
 replay detection support: Y
 Status: ACTIVE

 inbound pcp sas:

 outbound esp sas:
 spi: 0x39A8D4D7(967365847)
 transform: esp-256-aes esp-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3004, flow_id: NETGX:4, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4409912/542)
 IV size: 16 bytes
 replay detection support: Y
 Status: ACTIVE

 outbound ah sas:
 spi: 0x8656C1E(140864542)
 transform: ah-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3004, flow_id: NETGX:4, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4409912/541)
 replay detection support: Y
 Status: ACTIVE

 outbound pcp sas:
cnc1#

cnc1#show crypto ipsec transform-set
Transform set 50: { ah-sha-hmac  }
 will negotiate = { Tunnel,  },
 { esp-256-aes esp-sha-hmac  }
 will negotiate = { Tunnel,  },
cnc1#show crypto map
Crypto Map "iwingmap" 10 ipsec-isakmp
 Peer = 192.168.20.2
 Extended IP access list 101
 access-list 101 permit gre host 192.168.10.65 host 192.168.20.2
 Current peer: 192.168.20.2
 Security association lifetime: 4608000 kilobytes/900 seconds
 PFS (Y/N): Y
 DH group:  group5
 Transform sets={
 50,
 }
 Interfaces using crypto map iwingmap:
 FastEthernet0/0

cnc1#

cnc1#show crypto isakmp sa
dst             src             state          conn-id slot status
192.168.20.2    192.168.10.65   QM_IDLE              1    0 ACTIVE

cnc3#show crypto ipsec sa

interface: FastEthernet0/1
 Crypto map tag: iwingmap, local addr 192.168.20.2

 protected vrf: (none)
 local  ident (addr/mask/prot/port): (192.168.20.2/255.255.255.255/47/0)
 remote ident (addr/mask/prot/port): (192.168.10.65/255.255.255.255/47/0)
 current_peer 192.168.10.65 port 500
 PERMIT, flags={origin_is_acl,}
 #pkts encaps: 1296, #pkts encrypt: 1296, #pkts digest: 1296
 #pkts decaps: 1285, #pkts decrypt: 1285, #pkts verify: 1285
 #pkts compressed: 0, #pkts decompressed: 0
 #pkts not compressed: 0, #pkts compr. failed: 0
 #pkts not decompressed: 0, #pkts decompress failed: 0
 #send errors 0, #recv errors 0

 local crypto endpt.: 192.168.20.2, remote crypto endpt.: 192.168.10.65
 path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1
 current outbound spi: 0x67B8F512(1740174610)

 inbound esp sas:
 spi: 0x39A8D4D7(967365847)
 transform: esp-256-aes esp-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3003, flow_id: NETGX:3, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4476353/193)
 IV size: 16 bytes
 replay detection support: Y
 Status: ACTIVE

 inbound ah sas:
 spi: 0x8656C1E(140864542)
 transform: ah-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3003, flow_id: NETGX:3, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4476353/192)
 replay detection support: Y
 Status: ACTIVE

 inbound pcp sas:

 outbound esp sas:
 spi: 0x67B8F512(1740174610)
 transform: esp-256-aes esp-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3004, flow_id: NETGX:4, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4476353/192)
 IV size: 16 bytes
 replay detection support: Y
 Status: ACTIVE

 outbound ah sas:
 spi: 0xF0608700(4032857856)
 transform: ah-sha-hmac ,
 in use settings ={Tunnel, }
 conn id: 3004, flow_id: NETGX:4, crypto map: iwingmap
 sa timing: remaining key lifetime (k/sec): (4476353/192)
 replay detection support: Y
 Status: ACTIVE

 outbound pcp sas:
cnc3#

cnc3#show crypto ipsec transform-set
Transform set 50: { ah-sha-hmac  }
 will negotiate = { Tunnel,  },
 { esp-256-aes esp-sha-hmac  }
 will negotiate = { Tunnel,  },

cnc3#show crypto map
Crypto Map "iwingmap" 10 ipsec-isakmp
 Peer = 192.168.10.65
 Extended IP access list 101
 access-list 101 permit gre host 192.168.20.2 host 192.168.10.65
 Current peer: 192.168.10.65
 Security association lifetime: 4608000 kilobytes/900 seconds
 PFS (Y/N): Y
 DH group:  group5
 Transform sets={
 50,
 }
 Interfaces using crypto map iwingmap:
 FastEthernet0/1

cnc3#

cnc3#show crypto isakmp sa
dst             src             state          conn-id slot status
192.168.20.2    192.168.10.65   QM_IDLE              1    0 ACTIVE

cnc3#

-----------------------------------------
-----------------------------------------





Konfigurasi Lengkapnya :
cnc1#sh run
Building configuration...

Current configuration : 3406 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cnc1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$74ea$OP8QNxsjNbZ0YxcV6Giow1
!
no aaa new-model
!
!
ip cef
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-736434198
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-736434198
 revocation-check none
 rsakeypair TP-self-signed-736434198
!
!
crypto pki certificate chain TP-self-signed-736434198
 certificate self-signed 01
 3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
 69666963 6174652D 37333634 33343139 38301E17 0D313030 33323231 31323130
 335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3733 36343334
 31393830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
 D2B0B81A 7DAD1F32 3240D35C 29E36D7A E36C27AE 5C9B54C0 FBABF15A CF6CF268
 AA2B0A7E BEB81357 B8902625 C93DF3FC 9AA66FDE 2345DFB0 63C02006 CA84EEBE
 2F42EC3F C9766E78 5A2FE2A1 30702B10 2A0E0262 9854ACE2 49FECAE2 B8F7AB73
 80DBF81C B0091E97 AF87C981 6A1E52EE 1998D8C6 BD461E93 6D8257F5 8B3BC9D3
 02030100 01A36430 62300F06 03551D13 0101FF04 05300301 01FF300F 0603551D
 11040830 06820463 6E633130 1F060355 1D230418 30168014 5E455C9E BF1BADD9
 DAF46DB4 CBD16CD1 55210B48 301D0603 551D0E04 1604145E 455C9EBF 1BADD9DA
 F46DB4CB D16CD155 210B4830 0D06092A 864886F7 0D010104 05000381 81003D7E
 0924A65C 6293B65D 3AECF6C2 BEB04413 1F3D32F9 2D1D3580 07C44788 F98EBCB1
 D5D97353 04C34FA3 066A244C C3E60C4A 461B67A4 A4F9FC39 B3D54391 9545B63D
 8B13ADD0 4DB0FE51 DC647A25 8D793816 FFE53B5E 597D976A 7BAB10C1 9D29E1E5
 D1FB2D0C 10961840 569F9242 54FAB1A9 B6B5388B 5AAD280C A4981580 8013
 quit
username datakom privilege 15 password 7 03005A1F07042E41
!
!
!
!
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 5
 lifetime 3600
crypto isakmp key iwingganteng address 192.168.20.2
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set 50 ah-sha-hmac esp-aes 256 esp-sha-hmac
!
crypto map iwingmap 10 ipsec-isakmp
 set peer 192.168.20.2
 set security-association lifetime seconds 900
 set transform-set 50
 set pfs group5
 match address 101
!
!
!
!
interface Loopback0
 ip address 10.10.10.1 255.255.255.255
!
interface Tunnel1
 ip address 172.16.13.1 255.255.255.0
 tunnel source FastEthernet0/0
 tunnel destination 192.168.20.2
!
interface FastEthernet0/0
 ip address 192.168.10.65 255.255.255.252
 duplex auto
 speed auto
 crypto map iwingmap
!
interface FastEthernet0/1
 ip address 172.16.10.1 255.255.255.0
 duplex auto
 speed auto
!
router eigrp 1
 network 172.16.0.0
 no auto-summary
!
router ospf 1
 log-adjacency-changes
 network 10.10.10.1 0.0.0.0 area 0
 network 192.168.10.64 0.0.0.3 area 0
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http secure-server
!
access-list 101 permit gre host 192.168.10.65 host 192.168.20.2
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

cnc1#

cnc3#sh run
Building configuration...

Current configuration : 3549 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cnc3
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$mDFU$jbR/xsINnUt7kUTsfNv7F.
!
no aaa new-model
!
!
ip cef
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-1322511713
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1322511713
 revocation-check none
 rsakeypair TP-self-signed-1322511713
!
!
crypto pki certificate chain TP-self-signed-1322511713
 certificate self-signed 01
 3082023C 308201A5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
 69666963 6174652D 31333232 35313137 3133301E 170D3130 30333232 31313237
 33355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33323235
 31313731 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
 8100B81B AD129F07 E25E0979 A31D9AF3 881C5E18 BE512D2F FA40E304 CA37CD56
 78B9C4C8 6E8328C2 29CF81AE FEAFAEFC 1DCB40B1 12D256D2 D837C15D C3E25C0B
 60E7BC9F FC40F412 B84F6719 6ECF3B80 D334614F 4BA2394A 54901368 230CB4DF
 27438902 78012D26 E4EFC5F8 B60268D3 4E5380F7 80D7CB07 D35C44C9 84A9C545
 82490203 010001A3 64306230 0F060355 1D130101 FF040530 030101FF 300F0603
 551D1104 08300682 04636E63 33301F06 03551D23 04183016 80142290 2A089FDA
 763F8B5C DBF92660 B7E978E1 9236301D 0603551D 0E041604 1422902A 089FDA76
 3F8B5CDB F92660B7 E978E192 36300D06 092A8648 86F70D01 01040500 03818100
 A06D3F98 6EA734D9 AF4901FE E6EB1937 F7355879 54F77C91 19DA5EDC FF9EE1C2
 BE109B8E 49BD2886 858E7A99 269B21E6 45AD189A F903CB6B 87A7E2EF 861B3FB2
 0560DF24 3601B673 1AA136A9 26CB7776 A00734B3 761C7CDB 02B4311F 41CD3D26
 51D95E34 E4040953 4C470498 691955FB EADE06F1 9E1A39FD 15AD04B1 88B6E255
 quit
username datakom privilege 15 password 7 15160A1805212429
!
!
!
!
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 5
 lifetime 3600
crypto isakmp key iwingganteng address 192.168.10.65
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set 50 ah-sha-hmac esp-aes 256 esp-sha-hmac
!
crypto map iwingmap 10 ipsec-isakmp
 set peer 192.168.10.65
 set security-association lifetime seconds 900
 set transform-set 50
 set pfs group5
 match address 101
!
!
!
!
interface Loopback0
 ip address 10.10.10.3 255.255.255.0
!
interface Tunnel1
 ip address 172.16.13.2 255.255.255.0
 tunnel source FastEthernet0/1
 tunnel destination 192.168.10.65
!
interface FastEthernet0/0
 ip address 172.16.30.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.20.2 255.255.255.0
 duplex auto
 speed auto
 crypto map iwingmap
!
router eigrp 1
 network 172.16.0.0
 no auto-summary
!
router ospf 1
 log-adjacency-changes
 network 10.10.10.3 0.0.0.0 area 0
 network 192.168.10.68 0.0.0.3 area 0
 network 192.168.20.0 0.0.0.255 area 0
 network 192.168.30.0 0.0.0.255 area 0
 network 192.168.50.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http secure-server
!
access-list 101 permit gre host 192.168.20.2 host 192.168.10.65
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

cnc3#

"------------Sekian dulu, semoga bermanfaat------------------"
ref:
CCNP: Implementing Secure Converged Wide-area Networks v5.0 - Lab 3-7
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: