01-21-2011 07:00 AM
Here is my attached configuration (policy-based VPN). Kindly guide me where I am going wrong. When I do
run show security flow session
Session ID: 106750, Policy name: trust-to-untrust/4, Timeout: 8, Valid
In: 172.16.1.2/1615 --> 172.21.135.203/1;icmp, If: vlan.0, Pkts: 1, Bytes: 60
Out: 172.21.135.203/1 --> 172.16.1.2/1615;icmp, If: ge-0/0/0.0, Pkts: 0, Bytes: 0
It's showing me traffic from my side going to the other side but not coming from the other side to mine.
root@Bayanat_FW# run show security ike security-associations
[edit]
root@Bayanat_FW#
root@Bayanat_FW# run show security ipsec security-associations
Total active tunnels: 0
[edit]
root@Bayanat_FW#
01-21-2011 07:08 AM
Is this the exact config you have running?
policies {
    from-zone trust to-zone untrust {
        policy trust-to-untrust {
            match {
                source-address any;
                destination-address any;
                application any;
            }
            then {
                permit;
            }
        }
        policy Bayant-to-Mdc {
            match {
                source-address Local-Subnet;
                destination-address MDC-Remote-Subnet;
                application any;
            }
            then {
                permit {
                    tunnel {
                        ipsec-vpn Bayan-VPN;
                    }
                }
                log {
                    session-init;
                    session-close;
                }
            }
        }
    }
}
If so, the first thing that you need to do is re-order your trust-untrust security policy rules. Your rule with the permit tunnel IPSEC needs to be at the top.
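The session in the first post was matched by trust-to-untrust/4, the any/any rule, which is exactly what first-match lookup predicts with the policies in the order posted. The following is an added example (not from the thread or from Junos) that models that first-match evaluation with the two posted policies; the prefixes behind Local-Subnet and MDC-Remote-Subnet are assumed, since the thread never shows the address book.

```python
import ipaddress

# Constructed address-book values: the thread names these entries but never
# shows their prefixes, so the networks below are assumptions for illustration.
ADDRESS_BOOK = {
    "any": None,
    "Local-Subnet": ipaddress.ip_network("172.16.1.0/24"),
    "MDC-Remote-Subnet": ipaddress.ip_network("172.21.135.0/24"),
}

# The two trust-to-untrust policies from the post, in the order they were posted:
# (name, source entry, destination entry, action)
POLICIES_AS_POSTED = [
    ("trust-to-untrust", "any", "any", "permit"),
    ("Bayant-to-Mdc", "Local-Subnet", "MDC-Remote-Subnet", "permit tunnel Bayan-VPN"),
]


def _matches(entry, ip):
    net = ADDRESS_BOOK[entry]
    return net is None or ipaddress.ip_address(ip) in net


def lookup(policies, src_ip, dst_ip):
    """First-match lookup, the way a zone-pair policy list is evaluated.

    Returns (policy_name, action) of the first rule whose match block fits,
    or (None, "deny") for the implicit default deny at the end of the list.
    """
    for name, src, dst, action in policies:
        if _matches(src, src_ip) and _matches(dst, dst_ip):
            return name, action
    return None, "deny"


def reorder_tunnel_first(policies):
    """Move every 'permit tunnel' policy ahead of the plain 'permit' ones,
    keeping relative order otherwise (what 'insert ... before' achieves)."""
    tunnel = [p for p in policies if "tunnel" in p[3]]
    rest = [p for p in policies if "tunnel" not in p[3]]
    return tunnel + rest


if __name__ == "__main__":
    flow = ("172.16.1.2", "172.21.135.203")  # the ICMP session from the first post
    print("as posted :", lookup(POLICIES_AS_POSTED, *flow))
    print("reordered :", lookup(reorder_tunnel_first(POLICIES_AS_POSTED), *flow))
```

With the posted order the VPN traffic is permitted in clear text by the any/any rule and never reaches the tunnel policy, so no IKE negotiation is triggered; after reordering, the same flow hits Bayant-to-Mdc and is sent into Bayan-VPN.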
01-21-2011 07:12 AM
I have done this re-ordering; what I feel is I am missing something in the policies:
    then {
        permit {
            tunnel {
                ipsec-vpn Bayan-VPN;
            }
        }
    }
There should be a pair-policy also. What do you guys suggest? There is no pair-policy for traffic going from trust to untrust
and untrust to trust.
01-21-2011 07:26 AM - edited 01-21-2011 07:34 AM
Once you do your reordering, is traffic passing through the IPSEC tunnel?
I skipped over this in your first post:
root@Bayanat_FW# run show security ike security-associations
[edit]
root@Bayanat_FW#
root@Bayanat_FW# run show security ipsec security-associations
Total active tunnels: 0
If this is still the current output of these commands then your IPSEC tunnel is not up. You will need to troubleshoot the Phase 1 IKE proposals/policy first. Do you know how to do that?
The pair-policy command means only one SA is required for the IPSEC and changes the way the Proxy-ID is deduced.
Refer to this link for the full details:
01-21-2011 07:31 AM
I did the re-ordering. I can see traffic flow from my side to the other side but not coming from untrust to trust.
What did I say regarding pair-policy, are you acknowledging it?
01-21-2011 07:39 AM
I made a dummy configuration on MY SRX with pair-policy. When I do
run show security ike security-associations
it is showing me the peer address state is down, while in the real environment
run show security ike security-associations
is showing empty. Below is my config and result:
root# show
policy Trust-to-Untrsut {
    match {
        source-address 192.168.10.0;
        destination-address 192.168.11.1;
        application any;
    }
    then {
        permit {
            tunnel {
                ipsec-vpn Remote-VPN;
                pair-policy Untrust-to-Trust;
            }
        }
    }
}
root# show
policy Untrust-to-Trust {
    match {
        source-address 192.168.11.1;
        destination-address 192.168.10.0;
        application any;
    }
    then {
        permit {
            tunnel {
                ipsec-vpn Remote-VPN;
                pair-policy Trust-to-Untrsut;
            }
        }
    }
}
root# run show security ike security-associations
Index Remote Address State Initiator cookie Responder cookie Mode
3 58.64.73.2 DOWN 42531db884ce4738 0000000000000000 Main
01-21-2011 07:43 AM
I commented on the pair-policy in my previous post.
What is the output of these commands:
root@Bayanat_FW# run show security ike security-associations
root@Bayanat_FW# run show security ipsec security-associations
If you see an established SA then run this command:
run show security ipsec statistics
This command will show if packets are being encrypted and decrypted.
From your previous post you displayed the output from a session flow; remember a session flow doesn't mean that the IPSEC tunnel is up and that traffic is being encrypted. Also, a flow will show a return line based on the originating packet; it doesn't mean that traffic has really returned.
01-21-2011 07:47 AM
root# run show security ike security-associations
Index Remote Address State Initiator cookie Responder cookie Mode
3 58.64.73.2 DOWN 42531db884ce4738 0000000000000000 Main
This needs to show UP, not DOWN, for the IKE/ISAKMP communication to be working correctly. You need to double check with the admin of the PIX on the settings in your IKE proposals/policy. Something is not matching.
Take a look at this guide for methods of debugging / viewing IKE issues.
http://computerlink.se/se/downloads/datasheets/SRX
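The replies above check things in a fixed order: Phase 1 (IKE SA present and UP), then Phase 2 (active IPsec tunnels), then whether packets are actually encrypted. The script below is an added example, not from the thread or from Juniper, that parses outputs shaped like the ones quoted here and applies that order; the sample outputs are constructed (the cookie values are made up) and the hint strings are my own wording.

```python
import re

# Constructed samples shaped like the outputs quoted in the thread
# (the cookie values here are made up, not copied from anyone's box).
IKE_HEADER = "Index Remote Address State Initiator cookie Responder cookie Mode\n"
IKE_DOWN = IKE_HEADER + "3 58.64.73.2 DOWN 42531db884ce4738 0000000000000000 Main\n"
IKE_UP = IKE_HEADER + "3 58.64.73.2 UP 42531db884ce4738 9f1e2d3c4b5a6978 Main\n"
IKE_EMPTY = ""  # what the real box printed: nothing at all
IPSEC_NONE = "Total active tunnels: 0\n"
IPSEC_ONE = "Total active tunnels: 1\n"

IKE_ROW = re.compile(
    r"^\s*(?P<index>\d+)\s+(?P<peer>\S+)\s+(?P<state>UP|DOWN)\s+"
    r"(?P<icookie>[0-9a-f]{16})\s+(?P<rcookie>[0-9a-f]{16})\s+(?P<mode>\S+)\s*$",
    re.I,
)


def parse_ike_sas(text):
    """One dict per SA row of 'show security ike security-associations';
    the header line and anything that is not an SA row is ignored."""
    return [m.groupdict() for m in map(IKE_ROW.match, text.splitlines()) if m]


def active_tunnels(text):
    """Tunnel count from 'show security ipsec security-associations'."""
    m = re.search(r"Total active tunnels:\s*(\d+)", text)
    return int(m.group(1)) if m else 0


def triage(ike_text, ipsec_text):
    """Return (code, hint): Phase 1 first, then Phase 2, then encryption."""
    sas = parse_ike_sas(ike_text)
    if not sas:
        return "NO_IKE_SA", ("no IKE SA at all: negotiation was never triggered; "
                             "check the gateway config and that traffic hits the tunnel policy")
    down = [s for s in sas if s["state"].upper() == "DOWN"]
    if down:
        hint = f"IKE to {down[0]['peer']} is DOWN: Phase 1 proposals/policy do not match the peer"
        if set(down[0]["rcookie"]) == {"0"}:  # all-zero responder cookie: peer never answered
            hint += "; responder cookie is all zeros, so no reply came back from the peer"
        return "IKE_DOWN", hint
    if active_tunnels(ipsec_text) == 0:
        return "IKE_UP_NO_TUNNEL", "Phase 1 is up but no IPsec SA: check Phase 2 proposals and proxy-IDs"
    return "TUNNEL_UP", "SAs present; confirm with 'show security ipsec statistics' that packets are encrypted and decrypted"


if __name__ == "__main__":
    for ike, ipsec in ((IKE_EMPTY, IPSEC_NONE), (IKE_DOWN, IPSEC_NONE), (IKE_UP, IPSEC_NONE), (IKE_UP, IPSEC_ONE)):
        print(triage(ike, ipsec))
```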
01-21-2011 07:52 AM
No, actually, what I said is that the last config which I have sent is a dummy config which I have done on the SRX for practice.
When I do
run show security ike security-associations
Index Remote Address State Initiator cookie Responder cookie Mode
7 58.64.73.2 DOWN 1cc9f31a6ebc8b71 0000000000000000 Main
it is giving me a status as I add pair-policy.
When I do the same thing in my real environment VPN,
run show security ike security-associations
is showing me empty. In the real environment I didn't configure pair-policy, so I am asking: is it necessary to configure pair-policy, because I'm doing interface NAT as well?
01-21-2011 08:08 AM
I do pair-policy as a matter of standard practice. So yes, implement pair-policy.
This probably will not solve the issue of IKE SA establishment. This is most likely an issue with the proposals.