[Acidio]

Maverick's advice is good. Stick with the simplified mode policy, they work. I have many site-to-site VPN's from CP to Cisco, Nortel, Watchguard etc and all are under simplified mode policies. Also, simplified mode is the way Check Point are moving, traditional mode won't be an option to use in the future - not sure when, but this is information I have from my Check Point contacts.

There are a number of things to try. Try using MD5 and then test, if that doens't work, try SHA1. I've had instances where one will work but the other won't. It it imperative you have the Cisco encryption domain set correctly, Check Point is far more forgiving in this area than Cisco. Also, try setting all the traditional mode options in the gateway objects to match. While this is not strictly required in a simplified mode policy they may help.