Add security for ITS Integrated

Similar Messages

• How to add security for webservice invoke

  Hi All,
  Please let me know how to invoke the webservice in BPEL process with security details.
  Thanks,
  Suresh

  Hi Santhosh,
  You may add security for your API's by using:
  Mutual certificate authentication
  Using OAuth 2.0
  Manage developer accounts
  Regards,
  Manu Rekhar

• How to add security for Azure Cloud Service?

  Hi,
  We have build some API's in azure cloud service.
  We want to add security for Azure Cloud Service.
  How to add security for Azure Cloud Service?

  Hi Santhosh,
  You may add security for your API's by using:
  Mutual certificate authentication
  Using OAuth 2.0
  Manage developer accounts
  Regards,
  Manu Rekhar

• Where can I locate the add-on for Thunderbird on OS X?

  Hello guys:
  I've just downloaded a add-on for Tor integration. However, after restarting the Thunderbird, I can't launch it at all. So I guess that it may be caused by the new add-on couldn't be loaded successfully. Hence, I wanna delete the add-on manually.
  BUT I can't found out the add-on folder for Thunderbird on OS X, I looked at ~/Library/Application Support/Mozilla and Thunderbird bundle, but I can't found it. So I want to ask: Where Can I Locate the add-on for Thunderbird on OS X, which path?
  Thank you!

  ''Toad-Hall [[#answer-668512|said]]''
  <blockquote>
  https://trac.torproject.org/projects/tor/wiki/torbirdy
  Read section 'TorBirdy with Tor and Tor Launcher' as it mentions TB not starting and how to fix.
  Sorry do not anything about manually uninstalling.
  </blockquote>
  For OS X:
  1. Enter into: ~/Library/Thunderbird/Profiles/${CURRENT_PROFILE_FOLDER}/extensions (as shown in following screenshot)
  2. Delete the .xpi bundle we wanna delete

• Security settings for CRM Integration with SharePoint

  I have successfully integrated CRM 2015 and SharePoint 2013, both on-premise. I can see the SharePoint iframe on my CRM.
  Next, is to set up the security. Only users with access to CRM record can access the respective SharePoint folders.
  After I set up the security in SharePoint, i.e, by only giving permission to the specific folder and not the root site's Visitors group, the iframe on CRM side displays an error. It seems that the iframe is trying to access the root URL first, to which the
  users don't have access, hence the error.
  Am I missing something or is it not possible? Little explanation is given on MSDN about the security settings.
  Another question, is there any plan for Microsoft to support server based integration for on-premise version?

  crm does not give the rights through to sharepoint. u have the option to open sharepoint external with list component where you must take away the sharepoint rights and for us never a usefull option. We created custom application internal and did not published
  sharepoint, we programmed so that documents are visible in iframe via a IIS website and looks to the logged-in user´s and only the documents are visible which belongs to his security role. its a lot of work but we found that it is also faster then the list
  component.
  gruss Daniel Ovadia MBSS - Microsoft Dynamics CRM MCNPS

• I cant buy game add ons because its asking me to verify my account. I cant because i dont remember my security answers can anyone help me?

  Awhile back i lost my email security questions. The same email is linked to my apple id. I also lost my Security questions to my apple id. I added money to my apple account and im trying to buy an app add on but its asking for answers to my security questions, and i cant verify through email becuase i lost the answers to that to. I need someone to help me change my security questions or what ever needs to be done becuase as i said i added money to my account and if i cant use the money then ill be very upset and mad.

  Same thing happene to me!!! I need help I have money on my account but I don't remember my security questions... :(

• WS-Security and proxy service: Unable to add security token for identity

  What the reason of "Unable to add security token for identity" fault in this situation (10.3.1):
  I did simple "hello word" proxy service and tried to apply custom policy binding.
  WS-Policy is next:
  <wsp:Policy wsu:Id="WS-Policy-Siebel"
       xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
       xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
       <wssp:Identity
            xmlns:wssp="http://www.bea.com/wls90/security/policy">
            <wssp:SupportedTokens>
                 <wssp:SecurityToken
                      TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
                      <wssp:UsePassword
                           Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" />
                 </wssp:SecurityToken>
            </wssp:SupportedTokens>
       </wssp:Identity>
  </wsp:Policy>
  Process WS-Security is setted to "yes".
  While debugging I see that all works fine - I can authenticate with defined credentials and breakpoints in proxy service flow works fine.
  But at the end I get the fault:
  Soap fault:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header/>
  <env:Body>
  <env:Fault>
  <faultcode>env:Server</faultcode>
  <faultstring>Unable to add security token for identity</faultstring>
  </env:Fault>
  </env:Body>
  </env:Envelope>
  In console:
  <09.06.2010 17:39:18 MSD> <Error> <OSB Security> <BEA-387023> <An error ocurred during web service security inbound response processing [error-code: F
  ault, message-id: 1721282272521583996--57dc4ccc.1291cc2282d.-7fab, proxy: OSB Project WS-Security/WSSecurityService, operation: NewOperation]
  --- Error message:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Un
  able to add security token for identity</faultstring></env:Fault></env:Body></env:Envelope>
  weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:64)
  at weblogic.wsee.security.WssServerHandler.processOutbound(WssServerHandler.java:88)
  at weblogic.wsee.security.WssServerHandler.processResponse(WssServerHandler.java:70)
  Truncated. see log file for complete stacktrace
  Incoming soap message is:
  <soapenv:Envelope      xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security      soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken      wsu:Id="unt_TNNp0cBwU7HyPKoq" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>testuser</wsse:Username>
  <wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testuser</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  <soapenv:Body>
  <wss:NewOperation      xmlns:wss="http://www.troika.ru/Enterprise/WSSecurityService/">
  <in>string</in>
  </wss:NewOperation>
  </soapenv:Body>
  </soapenv:Envelope>
  Edited by: Andrey L. on Jun 9, 2010 5:55 PM

  I thought you were getting that exception when accessing the proxy.
  No. Authentification works fine. Proxy body works fine. But at the end of proxy appears the exception.
  Sorry for my english - I tried to show this situation on image: http://imglink.ru/show-image.php?id=9c0e0c1719f00289faf11696c6703bc3
  Are you getting this exception when routing to a business service which is configured for WS-Security ??
  I don't use business service in this test project - only simple proxy service with all logic inside.
  PS transformation in replace action is very simple too:
  (:: pragma bea:global-element-parameter parameter="$newOperation1" element="ns0:NewOperation" location="WSSecurityService.wsdl" ::)
  (:: pragma bea:global-element-return element="ns0:NewOperationResponse" location="WSSecurityService.wsdl" ::)
  declare namespace ns0 = "http://www.troika.ru/Enterprise/WSSecurityService/";
  declare namespace xf = "http://tempuri.org/OSB%20Project%20WS-Security/Hello/";
  declare function xf:Hello($newOperation1 as element(ns0:NewOperation))
  as element(ns0:NewOperationResponse) {
  <ns0:NewOperationResponse>
  <out>Hello, { data($newOperation1/in) }!</out>
  </ns0:NewOperationResponse>
  declare variable $newOperation1 as element(ns0:NewOperation) external;
  xf:Hello($newOperation1)
  Edited by: Andrey L. on Jun 10, 2010 12:21 PM

• I have an IPone 4, there is an add video for Capital one that keeps coming up on its own... ive deleted my history and cookies and this video keeps taking over my phone. how do i get rid of it? the video is of a man with a puppet and the puppet is singing

  i have an IPone 4, there is an add video for Capital one that keeps coming up on its own... ive deleted my history and cookies and this video keeps taking over my phone. how do i get rid of it? the video is of a man with a puppet and the puppet is singing a song while he is checking his phone. how do i get rid of it????

  If it happens again the make sure that you aren't suppressing website colors.
  Make sure that you allow pages to choose their colors and that you haven't enabled High Contrast in the Accessibility settings.
  *Tools > Options > Content : Fonts & Colors > Colors : [X] "Allow pages to choose their own colors, instead of my selections above"
  *https://support.mozilla.org/kb/Options+window+-+Content+panel
  *http://kb.mozillazine.org/Website_colors_are_wrong
  *http://kb.mozillazine.org/Websites_look_wrong

• I forgot my security answer and i forgot add email for my reset password! How can i do to reset my security answer because my account backup everything

  I forgot my security answer and i forgot add email for my reset password! How can i do to reset my security answer because my account backup everything! Please have me!

  Contact itunes store security
  expresslane.apple.com > itunes > itunes store > accounts and billing

• Unable to add security token for identity

  Hi all,
  I am trying to implement a web service with username token authentication. I have defined the ws -policies in the wsdl, and checked the Process Security Header checkbox in the proxy configuration. But when I invoke the proxy through test console and pass the full soap envelope , I am getting an "Unable to add security token for identity" error
  This is how the soap header looks from the request document part of the test console:
       <soap:Header>
       <wsse:Security>
       <wsse:UsernameToken>
       <wsse:Username>xxxxx</wsse:Username>
       <wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">yyyyyy</wsse:Password>
       </wsse:UsernameToken>
       </wsse:Security>
       </soap:Header>
       <soap:Body>
  I have configured the user at alsb security configuration and added an acces policy stating that the proxy can be accessed only by user "xxxx"
  Please help
  -Atheek

  Mostafa ,
  This points to a misconfiguration of your security. Possible causes are:
  * There is not a valid RSA key to sign the SAML token with.
  * The SAML CredentialMapper is missing
  * There is no Relying Party (rp) configured for SAML Credential Mapper that matches your producer
  * The producer is using User Name Token and you have no configured the DefaultCredentialMapper to allow for UserNameToken.
  Good Luck,
  Nate
  Edited by: user650654 on Sep 9, 2008 4:31 AM

• Where is security relevent information such as Password for ITS are stored?

  where is security relevent information such as Password for ITS are stored?

  Single Sign-On with User ID and Password
  Purpose
  The Single Sign-On (SSO) mechanism with user name and password provides an alternative for applications that cannot accept and verify SAP logon tickets. With this SSO mechanism the Portal Server uses user mapping information provided by users or administrators to give the portal user access to external systems. The portal components connect to the external system with the user’s credentials.
  As the user's user ID and password are sent across the network, you should use a secure protocol such as Secure Sockets Layer (SSL) for sending data.
  Process Flow
  There are different procedures depending on the requirements.
  Single Sign-On to SAP Systems
  You can access SAP Systems that do not support SAP logon tickets via Single Sign-On with user ID and password. These are SAP Systems with release 3.1I. For more information, see Configuring SSO with User ID and Password to SAP Systems.
  Single Sign-On to non-SAP systems via a Java iView developed specifically for the customer
  The system must be defined in the system landscape. For details, see Creating Systems.
  The administrator or user must map user data to user data in the system. For more information, see User Mapping.
  The iView through which the user tries to access the system must be programmed to get the mapped user data from the data repository and write the user credentials (user ID and password) in a header field of the request. The system can then log on the user with these credentials. This can be done using the Java APIs provided with SAP Enterprise Portal.

• Exception: Unable to add security token for identity

  Hi Friends,
  I was trying to add SAML tokens(Sender-Voucher Profile) to my web services. I configured WLS and ALSB with all Authentication settings but I get a SOAPFaultException when i run the client.
  javax.xml.rpc.soap.SOAPFaultException: Unable to add security token for identity
  I tried the following samples:
  https://codesamples.projects.dev2dev.bea.com/servlets/Scarab/remcurreport/true/template/ViewIssue.vm/id/S10/eventsubmit_dosetissueview/foo/resultpos/-1/nbrresults/0/action/ViewIssue/tab/2/readonly/false
  https://codesamples.projects.dev2dev.bea.com/servlets/Scarab/remcurreport/true/template/ViewIssue.vm/id/S203/nbrresults/39
  Is there any configuration on WLS that needs to be verified when we get this Exception "Unable to add security token for identity"??
  Any help is appreciated in this regard.
  Thanks,
  Kiran

  Hello Kiran,
  Is this problem resolved?. I am facing the same problem when i was trying to call a service .
  The exception i got is as follows:
  (D-113003875) server (IBwlpAdminServer) Method (com.zurich.ep.global.produc
  metadata.impl.ProductMetaDataServiceImpl.getAllProducts:234) ==> Host (D-113003
  75) server (IBwlpAdminServer) Method (com.zurich.ep.service.delegate.AbstractEx
  eptionHandler.logException:67)
  om.zurich.ep.exception.ServiceFailureException: SOAPFaultException - FaultCode
  {http://schemas.xmlsoap.org/soap/envelope/}Server] FaultString [Unable to add s
  curity token for identity] FaultActor [null]No Detail; nested exception is:
  javax.xml.rpc.soap.SOAPFaultException: Unable to add security token for
  dentity
  at com.zurich.ep.global.productmetadata.impl.ProductMetaDataServiceImpl.
  etAllProducts(ProductMetaDataServiceImpl.java:234)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  ava:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
  orImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.zurich.ep.service.delegate.ServiceDelegateProxy.invoke(ServiceDel
  gateProxy.java:135)
  at $Proxy62.getAllProducts(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  ava:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
  orImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.zurich.ep.service.delegate.ServiceAdapter.invoke(ServiceAdapter.j
  va:97)
  at $Proxy63.getAllProducts(Unknown Source)
  at com.zurich.ep.global.productmetadata.v20090601.ProductMetaDataService
  ortTypeImpl.getAllProducts(ProductMetaDataServicePortTypeImpl.java:119)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  ava:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
  orImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at weblogic.wsee.component.pojo.JavaClassComponent.invoke(JavaClassCompo
  ent.java:99)
  at weblogic.wsee.ws.dispatch.server.ComponentHandler.handleRequest(Compo
  entHandler.java:64)
  at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.j
  va:127)
  at weblogic.wsee.ws.dispatch.server.ServerDispatcher.dispatch(ServerDisp
  tcher.java:85)
  at weblogic.wsee.ws.WsSkel.invoke(WsSkel.java:80)
  at weblogic.wsee.server.servlet.SoapProcessor.handlePost(SoapProcessor.j
  va:66)
  at weblogic.wsee.server.servlet.SoapProcessor.process(SoapProcessor.java
  44)
  at weblogic.wsee.server.servlet.BaseWSServlet$AuthorizedInvoke.run(BaseW
  Servlet.java:173)
  at weblogic.wsee.server.servlet.BaseWSServlet.service(BaseWSServlet.java
  92)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
  StubSecurityHelper.java:223)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
  yHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
  :283)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
  :175)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
  .run(WebAppServletContext.java:3245)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
  Subject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
  21)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
  rvletContext.java:2003)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
  ntext.java:1909)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
  va:1359)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
  aused by: java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://sch
  mas.xmlsoap.org/soap/envelope/}Server] FaultString [Unable to add security toke
  for identity] FaultActor [null]No Detail; nested exception is:
  javax.xml.rpc.soap.SOAPFaultException: Unable to add security token for
  dentity
  at com.zurich.ep.service.delegate.AbstractExceptionHandler.logException(
  bstractExceptionHandler.java:67)
  at com.zurich.ep.service.delegate.client.WebServiceBusinessDelegate.invo
  e(WebServiceBusinessDelegate.java:260)
  at $Proxy61.getProductFunctionality(Unknown Source)
  at com.zurich.ep.global.productmetadata.impl.ProductMetaDataServiceImpl.
  etAllProducts(ProductMetaDataServiceImpl.java:201)
  ... 39 more
  aused by: javax.xml.rpc.soap.SOAPFaultException: Unable to add security token f
  r identity
  at weblogic.wsee.codec.soap11.SoapCodec.decodeFault(SoapCodec.java:265)
  at weblogic.wsee.ws.dispatch.client.CodecHandler.decodeFault(CodecHandle
  .java:106)
  at weblogic.wsee.ws.dispatch.client.CodecHandler.decode(CodecHandler.jav
  :91)
  at weblogic.wsee.ws.dispatch.client.CodecHandler.handleFault(CodecHandle
  .java:79)
  at weblogic.wsee.handler.HandlerIterator.handleFault(HandlerIterator.jav
  :254)
  at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.
  ava:224)
  at weblogic.wsee.ws.dispatch.client.ClientDispatcher.handleResponse(Clie
  tDispatcher.java:161)
  at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDisp
  tcher.java:116)
  at weblogic.wsee.ws.WsStub.invoke(WsStub.java:89)
  at weblogic.wsee.jaxrpc.StubImpl._invoke(StubImpl.java:335)
  at com.zurich.ep.global.chassisauthorisation.v20090601.ChassisAuthorisat
  onServicePortType_Stub.getProductFunctionality(ChassisAuthorisationServicePortT
  pe_Stub.java:145)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  ava:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
  orImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.zurich.ep.service.delegate.client.WebServiceBusinessDelegate.invo
  e(WebServiceBusinessDelegate.java:225)
  ... 41 more
  aused by: weblogic.xml.crypto.wss.WSSecurityException: Unable to add security t
  ken for identity
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(Secur
  tyPolicyDriver.java:175)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(Secur
  tyPolicyDriver.java:73)
  at weblogic.wsee.security.WssClientHandler.processOutbound(WssClientHand
  er.java:69)
  at weblogic.wsee.security.WssClientHandler.processRequest(WssClientHandl
  r.java:53)
  at weblogic.wsee.security.WssHandler.handleRequest(WssHandler.java:72)
  at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.j
  va:127)
  at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.j
  va:100)
  at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDisp
  tcher.java:101)
  ... 49 more
  Thanks,
  JK

• Firefox will NOT sync since adding password integration add-on for my macs. Is there a plan to resolve this conflict? Once I uncheck password sync works.

  I continue to obtain a sync error with unknown error. After spend a few hours online and troubleshooting, I determined by un-checking password sync, no errors were received. I added the add-on for Mac password integration and can only conclude that adding this feature has conflicted with my sync. Does anyone know of any issues or are there fixes already in place I am unaware. I am at that point to return to Safari for my macs due to this and other issues I have been having with Firefox. Thanks.

  Hi KevMB,
  Thank you for your question. I would recommend you try the new Firefox Sync, however currently it is available in beta starting Thursday.
  If the device is already authenticated and is syncs automatically, then the password does not have to be added every time. I do not understand how the Mac password integration works as you describe it to.
  If you are talking about choosing to sync stored passwords across devices please select any duplicates that may be stored in the profile under the preferences.
  [[How do I set up Firefox Sync?]] and[[Firefox Sync troubleshooting and tips]] are good references for more help.

• Cannot add security exception for government websites

  Ever since my most recent update in Firefox 4.0.1, I am no longer able to "add exception" for government websites I normally visit. The "Untrusted Connection" screen appears as it has many times in the past and when I try to click "add exception" nothing happens. This happens on any website with an "Untrusted Connection".

  If you install the DoD CA 2 root certificate and possibly the DOD CA-17 intermediate certificate then you do not need to add an exception.
  *https://www.dodpke.com/InstallRoot/
  *https://dod411.chamb.disa.mil/

• Network Security for a department

  Hi all ,
         Please go through my network diagram
  I am using ospf in the network .I only mentioned some of the routers in the diagram .
  Consider a Department A which is having a branch connected to Router R3 and to some other routers through E1 links   which is no mentioned here .
  Department A is having servers in the DMZ Zone of the firewall .
  I need to add security features(Ipsec) to the department A network either though firewall or through routers .Here consider 192.168.2.0/24 in the R3 as department A network .Need to provide ipsec or any other security features to 192.168.2.0/24 network only not to the whole R3 network .
  Routers Cisco  7206 ,7204

  Hi jennifer ,
     I understood the router part configuration .
    Let me clear a point
  In the pix ,servers are in the server zone whose security Level  is 95 and wan network in W AN zone and security level is 91. The ipsec is to be enable in WAN zone interface  for a particulaR traffic .
  interface Ethernet4
  speed 100
  duplex full
  nameif WAN
  security-level 91
  ip address x.x.x.x y.y.y.y
  interface Ethernet5
  speed 100
  duplex full
  nameif SERVER
  security-level 95
  ip address X.X.X.X Y.Y.Y.Y
  I had read the following link
  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805e8c80.shtml
  I had totally confused with PIX  part .
  crypto ipsec transform-set avalanche esp-des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 3600
  crypto ipsec df-bit clear-df outside
  crypto map forsberg 21 match address Ipsec-conn
  crypto map forsberg 21 set peer 172.17.63.230
  crypto map forsberg 21 set transform-set avalanche
  crypto map forsberg interface outside
  tunnel-group 172.17.63.230 type ipsec-l2l
  tunnel-group 172.17.63.230 ipsec-attributes
  pre-shared-key *
  The above configuration is mentioning about one branch router and its ip 172.17.63.230.
  But i had 14 branch routers .Then what is the change in the network configuration also what is the significance of
  access-list nonat extended permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
  .Here my traffic is not to the outside interface but only to the intranet .