Navegando neste Tópico:   1 usuários anônimos





Centos 6.3 ipsec site to site aguardando fase 2 (phase 1 is done, looking for phase 2 to unpend)
Home away from home
Cadastrado em:
14/2/2012 20:37
De Belo Horizonte MG
Grupo:
Registered Users
Mensagens: 688
Offline
Não estou conseguido pingar site A e nem o B estou com uma mensagem no arquivo de log dizendo que a fase 2 esta pendente. (phase 1 is done, looking for phase 2 to unpend). Achei muitas mensagens no google sobre o assunto, mas nenhuma foi conclusiva. Tenho openvpn funcionando perfeito, este caso é muito especifico e preciso do ipsec, obrigado!

Ambos os lados estão com as mesmas configurações e rotas necessárias e apresentam a mesma mensagem no LOG

Minhas configurações site A e site B

vim /etc/ipsec.conf

config setup
plutodebug=all
plutostderrlog=/var/log/pluto.log
interfaces=%defaultroute
virtual_private=%v4:10.0.0.0/24,%v4:192.168.15.0/24,%v4:192.168.0.0/22 <-Duvida preciso da rede 10 fiz teste com e sem
protostack=netkey
nat_traversal=yes
oe=off
conn SiteA <--- Aqui eu troco para SiteB no outro servidor.

pfs=yes
auto=start <-- já coloquei com start e com add
type=tunnel
authby=secret
ike=aes128-sha1;modp1024
keyexchange=ike
phase2=esp
phase2alg=aes128-sha1;modp1024
leftid=189.184.218.234
leftprotoport=17/1701
left=189.184.218.234
leftsubnet=192.168.15.0/24
leftnexthop=%defaultroute
rightid=200.50.14.186
rightprotoport=17/1701
right=200.50.14.186
rightsubnet=192.168.0.0/22
rightnexthop=%defaultroute


Esta parte esta igual nos dois servidores

vim /etc/ipsec.secrets
include /etc/ipsec.d/*.secrets
189.184.218.234 200.50.14.186: PSK "[email protected]@789"

TESTE
# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.32/K2.6.32-279.el6.i686 (netkey)
Checking for IPsec support in kernel [OK]
SAref kernel support [N/A] <--- Duvida se preciso ou não disto
NETKEY: Testing for disabled ICMP send_redirects [OK]
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking /bin/sh is not /bin/dash [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]

Desativei o firewall e selinux para não implicar nos teste do ipsec
# getenforce
Disabled

# route -n
Tabela de Roteamento IP do Kernel ( coloquei uns --- para melhorar a visualização )
Destino-----------Roteador------------MáscaraGen----Opções- Métrica Ref---Uso Iface
192.168.15.0----0.0.0.0---------------255.255.255.0---U-----------0--------0--------0 eth0
179.184.218.0---0.0.0.0--------------255.255.255.0---U-----------0--------0--------0 eth1
192.168.0--------189.184.218.233-255.255.252.0---UG---------0--------0--------0 eth1
169.254.0.0------0.0.0.0---------------255.255.0.0------U-----------1002---0--------0 eth1
169.254.0.0------0.0.0.0---------------255.255.0.0------U-----------1003---0--------0 eth0
0.0.0.0-------------189.184.218.233--0.0.0.0------------UG---------10------0--------0 eth1

Final do arquivo de log

#tail -f /var/log/pluto.log
"SiteA" #2: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xa4b1114c <0x1a3c7344 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
| modecfg pull: noquirk policy:push not-client
| phase 1 is done, looking for phase 2 to unpend <------- PROCUREI TAMBEM NO GOOGLE POR ISTO
| * processed 0 messages from cryptographic helpers
| next event EVENT_NAT_T_KEEPALIVE in 20 seconds
| next event EVENT_NAT_T_KEEPALIVE in 20 seconds

tail -f /var/log/pluto.log
| handling event EVENT_PENDING_DDNS
| event after this is EVENT_PENDING_PHASE2 in 0 seconds
| inserting event EVENT_PENDING_DDNS, timeout in 60 seconds
| event added after event EVENT_PENDING_PHASE2
| handling event EVENT_PENDING_PHASE2
| event after this is EVENT_PENDING_DDNS in 60 seconds
| inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds
| event added after event EVENT_PENDING_DDNS
| pending review: connection "SanGEmive" was not up, skipped
| next event EVENT_PENDING_DDNS in 60 seconds



# ipsec auto --verbose --up SiteA
002 "SiteA" #1: initiating Main Mode
104 "SiteA" #1: STATE_MAIN_I1: initiate
003 "SiteA" #1: received Vendor ID payload [Openswan (this version) 2.6.32 ]
003 "SiteA" #1: received Vendor ID payload [Dead Peer Detection]
003 "SiteA" #1: received Vendor ID payload [RFC 3947] method set to=109
002 "SiteA" #1: enabling possible NAT-traversal with method 4
002 "SiteA" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
106 "SiteA" #1: STATE_MAIN_I2: sent MI2, expecting MR2
002 "SiteA" #1: I will NOT send an initial contact payload <--- PROCUREI NO GOOGLE POR ISTO MAS NAO CONCLUI NADA
003 "SiteA" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
002 "SiteA" #1: Not sending INITIAL_CONTACT <--- PROCUREI TAMBEM NO GOOGLE POR ISTO
002 "SiteA" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
108 "SiteA" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "SiteA" #1: received Vendor ID payload [CAN-IKEv2]
002 "SiteA" #1: Main mode peer ID is ID_IPV4_ADDR: '201.59.14.186'
002 "SiteA" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
004 "SiteA" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
002 "SiteA" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:13fb1db6 proposal=AES(12)_128-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_MODP1024}
117 "SiteA" #2: STATE_QUICK_I1: initiate

# ipsec status
000 using kernel interface: netkey
000 interface eth1/eth1 189.184.218.234
000 interface eth1/eth1 189.184.218.234
000 %myid = (none)
000 debug raw+crypt+parsing+emitting+control+lifecycle+klips+dns+oppo+controlmore+pfkey+nattraversal+x509+dpd+oppoinfo
000
000 virtual_private (%priv):
000 - allowed 3 subnets: 10.0.0.0/24, 192.168.15.0/24, 192.168.0.0/22
000 - disallowed 0 subnets:
000 WARNING: Disallowed subnets in virtual_private= is empty. If you have <--- NÃO SEI SE ISTO ESTA ATRAPALHANDO!
000 private address space in internal use, it should be excluded!
000
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=6, name=ESP_CAST, ivlen=8, keysizemin=128, keysizemax=128
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=13, name=ESP_AES_CTR, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=14, name=ESP_AES_CCM_A, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=15, name=ESP_AES_CCM_B, ivlen=12, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=16, name=ESP_AES_CCM_C, ivlen=16, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=18, name=ESP_AES_GCM_A, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=19, name=ESP_AES_GCM_B, ivlen=12, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=20, name=ESP_AES_GCM_C, ivlen=16, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=22, name=(null), ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
000 algorithm ESP auth attr: id=6, name=AUTH_ALGORITHM_HMAC_SHA2_384, keysizemin=384, keysizemax=384
000 algorithm ESP auth attr: id=7, name=AUTH_ALGORITHM_HMAC_SHA2_512, keysizemin=512, keysizemax=512
000 algorithm ESP auth attr: id=8, name=(null), keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=9, name=(null), keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
000
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=3, name=OAKLEY_BLOWFISH_CBC, blocksize=8, keydeflen=128
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=65004, name=OAKLEY_SERPENT_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=65005, name=OAKLEY_TWOFISH_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=65289, name=OAKLEY_TWOFISH_CBC_SSH, blocksize=16, keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE hash: id=4, name=OAKLEY_SHA2_256, hashsize=32
000 algorithm IKE hash: id=5, name=OAKLEY_SHA2_384, hashsize=48
000 algorithm IKE hash: id=6, name=OAKLEY_SHA2_512, hashsize=64
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000 algorithm IKE dh group: id=22, name=OAKLEY_GROUP_DH22, bits=1024
000 algorithm IKE dh group: id=23, name=OAKLEY_GROUP_DH23, bits=2048
000 algorithm IKE dh group: id=24, name=OAKLEY_GROUP_DH24, bits=2048
000
000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0}
000
000 "SiteA": 192.168.15.0/24===189.184.218.234<189.184.218.234>[+S=C]:17/1701---189.184.218.233...189.184.218.233---200.50.14.186<200.50.14.186>[+S=C]:17/1701===192.168.0.0/22; unrouted; eroute owner: #0
000 "SiteA": myip=unset; hisip=unset;
000 "SiteA": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; nat_keepalive: yes
000 "SiteA": policy: PSK+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 24,22; interface: eth1;
000 "SiteA": dpd: action:clear; delay:0; timeout:0;
000 "SiteA": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "SiteA": IKE algorithms wanted: AES_CBC(7)_128-SHA1(2)_000-MODP1024(2)
000 "SiteA": IKE algorithms found: AES_CBC(7)_128-SHA1(2)_160-MODP1024(2)
000 "SiteA": ESP algorithms wanted: AES(12)_128-SHA1(2)_000; pfsgroup=MODP1024(2)
000 "SiteA": ESP algorithms loaded: AES(12)_128-SHA1(2)_160

Enviado em: 23/8/2015 11:54
Transferir mensagem para outros aplicativos Transferir


Re: Centos 6.3 ipsec site to site aguardando fase 2 (phase 1 is done, looking for phase 2 to unpend)
Home away from home
Cadastrado em:
14/2/2012 20:37
De Belo Horizonte MG
Grupo:
Registered Users
Mensagens: 688
Offline
Resolvi o problema com ajuda do Felipe Santos
https://br.groups.yahoo.com/neo/groups ... onversations/messages/715

Enviado em: 15/9/2015 10:23

Estefânio Brunhara San Giovanne Informática Ltda.
Soluções e integrações c/ Sistemas Inteligentes
Windows/Linux a melhor opção Empresa/Internet
(31)3375-1202 9-8846-2330
Transferir mensagem para outros aplicativos Transferir


Re: Centos 6.3 ipsec site to site aguardando fase 2 (phase 1 is done, looking for phase 2 to unpend)
Home away from home
Cadastrado em:
14/2/2012 20:37
De Belo Horizonte MG
Grupo:
Registered Users
Mensagens: 688
Offline
faltou fechar como resolvido! k


Enviado em: 15/9/2015 10:28
Transferir mensagem para outros aplicativos Transferir


Re: Centos 6.3 ipsec site to site aguardando fase 2 (phase 1 is done, looking for phase 2 to unpend)
Home away from home
Cadastrado em:
14/2/2012 20:37
De Belo Horizonte MG
Grupo:
Registered Users
Mensagens: 688
Offline
Faltou falar, meus teste foram feitos com o fontes do openswan,compilado, mas o rpm embarcado no centos6.3 funciona perfeito.

Enviado em: 15/9/2015 13:40
Transferir mensagem para outros aplicativos Transferir


Re: Centos 6.3 ipsec site to site aguardando fase 2 (phase 1 is done, looking for phase 2 to unpend)
Quite a regular
Cadastrado em:
9/11 0:33
De shanghai
Grupo:
Registered Users
Mensagens: 63
Offline
of oakley view, rolex replica I coach factory outlet online am dansko shoes outlet too." oakley holbrook Said jimmy choo outlet the nfl colts jerseys Englishman, nfl redskins jerseys "I nfl 49ers jerseys do air max thea not kate spade bags know rolex watches what is soccer shoes outlet alchemy." hermes tracksuits When coach factory outlet the ray ban outlet warehouse michael kors outlet boss nike uk they tn requin pas cher began nike soccer shoes to tommy hilfiger canada call out tory burch Maybe air force he michael kors outlet online sale is easton bats also chi flat iron studying nfl jaguars jerseys cosmic bcbg max azria language mlb jerseys that fred perry everyone omega watches can hornets jersey know montre femme the portland trail blazers jerseys past ray ban wayfarer and giuseppe zanotti sneakers the ray ban uk future. miami heat jersey "Hunch", mcm backpack it spurs jerseys is nike customary hermes birkin to louboutin shoes say michael kors handbags mothers. pumas The air yeezy boy hogan shoes began nike roshe run to converse understand oakley sunglasses outlet hunch atl jerseys is oakley sunglasses cheap the prada shoes soul hollister co of ralph lauren factory store the cheap oakley universe vans lives barbour jackets outlet moment oakley to skechers canada sneak long champ into adidas clothings torrents, pandora charms the burberry world longchamp black friday of air max 90 feeling.Time rockets jerseys away new york knicks jersey a utah jazz jerseys lot oakley outlet of louboutin things baseball jerseys around us, celine outlet and thunder jerseys taught north face us nfl cowboys jerseys a soccer jerseys lot air max of under armour outlet sense. nfl raiders jerseys This ray ban intermediate tommy hilfiger to nike outlet and michael kors outlet online fro lacoste outlet loss givenchy and coach factory outlet picked hugo boss up, nike roshe run left salvatore ferragamo to toronto raptors jerseys become nfl broncos jerseys a michael kors purses surprise, become michaelkors.com lost swarovski memories. ray-ban sunglasses Four swarovski crystal years nfl bills jerseys time, coach outlet filled converse with memorable nfl texans jerseys note, nba jersey remember louboutin shoes when adidas shoes the nfl falcons jerseys sky fred perry polos is cheap eyeglasses blue, beats by dre headphones you air max shoes are polo ralph lauren outlet online very burberry sale bright huarache under timberland shoes the jordans sun, polo ralph when the nfl jerseys wind is kate spade handbags very light, barbour mens jackets like nfl chargers jerseys most nike shoes of ralph lauren your louboutin shoes youth.Graduation ray ban black friday is omega watches like fidget spinner a coach factory outlet online marker, polo ralph lauren a air max 95 trace, adds salomon a skechers mens shoes warm pandora bracelet life coach outlet online on oakley everyone kate spade handbags to coach black friday leave jordan retro 11 the designer handbags ivory true religion jeans outlet tower lakers jersey body nike roche painting, ray ban and coach factory outlet will versace not prada handbags be nike id sad ray-ban sunglasses parting armani watches get mcm handbags too longchamp cold.The babyliss flat iron world montblanc is michael kors outlet online sale a polo ralph lauren hurried rolex watch retreat burberry handbags of omega the nba jersey world, mens hoodies when michael kors bags a ray ban person longchamp graduates michael kors outlet away lebron james shoes ignorant michael kors outlet Love, nike outlet we nike free trainer 5.0 still nfl dolphins jerseys have michael kors to burberry outlet online silence cheap barbour jackets the new balance road skechers shoes outlet in vans shoes one marc jacobs handbags hand swarovski online shop and true religion outlet the puma online shop curse nuggets jersey is nike real huarache promise, michael kors outlet online and nike mercurial no burberry outlet online place hollister to north face outlet talk woolrich clearance hand oakley pas cher write michael kors outlet online sale the mlb jerseys words, mcm backpack outlet and nike factory then ray ban outlet re-start juicy couture handbags a reebok new christian louboutin life. nike air max University cle Jerseys was beats headphones a ralph lauren very michael kors handbags warm converse outlet story, iphone 4s cases many ray ban pas cher years cheap ray ban later, nike free when wholesale handbags the edges longchamp outlet are michael kors outlet store polished ralph lauren dream coach bags outlet a supra shoes outlet reality, celtics jerseys then timberland boots we birkenstock taschen deutschland can nike factory outlet hold nhl jerseys a ray bans very coach outlet usa indifferent hollister clothing mood, oakley sunglasses waiting tory burch sale period calvin klein outlet once michael kors warm iphone 5s cases stories hollister kids getting mcm bags old.Youth mcm bags is asics gel a adidas zx bumpy nike free road, brooklyn nets from hermes belt far longchamp and adidas near to ray ban sunglasses outlet us nfl jerseys extending michael kors from, polo ralph lauren who burberry handbags do eyeglasses frames not nfl browns jerseys know barbour outlet store where nfl steelers jerseys it nike shoes leads, so we burberry outlet online always walk wholesale handbags in birkenstock the orlando magic jerseys direction pandora jewellery australia towards golden state warriors the true religion visible, michael kors stumbled phoenix suns jerseys leaving hilfiger outlet shallow hollister clothing store and north face deep ed hardy shadowy new balance store figure nfl titans jerseys shallow plein shoes imprint.Staring oakley at new balance the ralph lauren uk old cheap coach purses period nike air max of dsquared2 shoes the new balance shoes day, burberry handbags by rolex watches the veneta wind nfl lions jerseys leaves asics the hogan sound boutique clothing lost, ralph lauren outlet walking free running on adidas.nl campus ferragamo shoes footprints coach factory online gradually birkenstock deutschland stranded, easton bats floating in north face canada the roshe air nfl packers jerseys restless swarovski jewelry dreams, polo ralph lauren outlet hot, christian louboutin flowing omega watches in the nfl patriots jerseys hearts valentino shoes of thomas sabo teenage new orleans pelicans jerseys love, nfl giants jerseys there levis outlet is dre headphones still detroit pistons jersey a ferragamo shoes outlet the sacramento kings jerseys unspoken confession, ralph lauren outlet online all nfl jets jerseys under air jordan one minnesota timberwolves jerseys left hollister online shop in ray ban prezzi tears michael kors uhren watered bcbg max go michael kors outlet online back uhren shop yesterday.Youthful instyler years, oakley outlet online there nfl rams jerseys is bulls jersey laughter, north face jackets there nfl bears jerseys are north face backpacks tears, polo outlet online there beats by dr dre is a oakley sunglasses sigh, polo ralph lauren outlet there washington wizards jerseys is burberry outlet nostalgia, longchamp handbags the ecco mens shoes time swarovski crystal when coach bags friday the ralph lauren outlet spread nfl ravens jerseys of burberry outlet moss jimmy choo feet nike roshe run of oakley sunglasses cheap soil, we huaraches are hollister co all purses and handbags grown. pandora jewelry Think coach outlet store back swarovski canada once converse sneakers the michael kors outlet online fate burberry outlet online of nfl azcardinals jerseys the nike air max 90 arrangement, oakley standard issue even stone island jackets if ray ban pas cher the ralph lauren outlet online youth ralph lauren uk into nike shoes the nfl seahawks jerseys sky oakley black friday filled nike air with 76ers jerseys discrete clippers jerseys topic, coach outlet I cheap jordans always long champ glad air max fleeting vibram five fingers encounter, adidas online shop to nike leave prada outlet our coach factory lives nhl jerseys so the north face outlet rich prada wonderful doudoune north face title indiana pacers jerseys page.Years nike roshe run later, we hermes birkin bag sit timberland outlet in shoes outlet cozy horloges little nike store house, burberry a michael kors purses better coach shop factory TV air max watching, mavericks jerseys enjoying nfl bengals jerseys the air max pas cher beautiful nfl buccaneers jerseys fresh, memphis grizzlies jerseys youthful michael kors bags will milwaukee bucks jerseys really ferragamo understand nfl saints jerseys the versace clothes meaning. michael kors Young oakley store men mbt shoes and rayban women cheap ray ban among tommy hilfiger outlet stores those polo ralph segments dsquared2 sale from jerseys from china the fitflop shoes injury reebok outlet occurred bottega in just tommy hilfiger outlet one giuseppe zanotti episode air max in juicy couture clothings their pandora charms youth, ralph lauren polo and cheap true religion those fendi shoes who new balance hurt ray ban sunglasses us nfl chiefs jerseys and vans who nike running shoes love adidas online shop our burberry handbags people tommy hilfiger online are red bottom shoes our pandora youth nba jersey growing air jordan shoes witness, nike air max it louboutin shoes is air jordan retro our true religion jeans outlet youth marc jacobs handbags the prada sunglasses meaning air max 2007 of supra shoes existence.Youth northface is jordan retro like thomas sabo a philipp plein clothes trip, barbour I nike jordan do oakley vault not timberland pas cher care the north face about the nfl eagles jerseys destination, basketball shoes but michael kors bags in michael kors handbags the nfl panthers jerseys scenery mizuno and true religion jeans women look chrome hearts clothings at tommy hilfiger online shop the flat iron scenery ferragamo along hogan sito ufficiale the cheap oakley sunglasses way adidas the cheap oakley sunglasses mood.Youth, replica watches like nfl vikings jerseys

michael kors

Enviado em: 9/11 6:57
Transferir mensagem para outros aplicativos Transferir






Você pode exibir os tópicos.
Você não pode iniciar um novo tópico.
Você não pode responder.
Você não pode editar.
Você não pode excluir mensagens.
Você não pode incluir votações.
Você não pode votar.
Você não pode anexar arquivos.
Você não pode enviar mensagens sem aprovação.

[Pesquisa Avançada]