Screen OS

  • 1.  Close - AGE OUT

    Posted 05-04-2012 19:49

    Hi,

    I am configuring an IPsec VPN from SSG320 to SSG5. The VPN is up already. My problem is that SSG320 clients can't ping to SSG5; the error is Close - AGE OUT (Received bytes 0). Static routing is okay, as are the policies, both trust to untrust and untrust to trust. Here's the setup.

    SSG320 - 192.168.10.x (can't ping to SSG5)

    SSG5 - 192.168.6.x (can ping to SSG320)

    I'm having a headache over why the SSG320 segment can't ping to SSG5.



  • 2.  RE: Close - AGE OUT
    Best Answer

    Posted 05-05-2012 04:11

    Check the matching policy on the SSG5 and see if the traffic is there.  I'm guessing it is not.

     

    Confirm the tunnel is up and running.  ( I assume it is because you imply you can ping from SSG5 to SSG320).  If not look at the logs and troubleshoot the vpn errors.

    Double check that both directions of policies are in place.

    Double check the address objects are the correct scope.

    Double check the order of policies so that this one sees the traffic before others.

     

    If none of that works, you will need to capture the traffic and see how it is handled.  This is done with debug flow on both firewalls.  This is a command line utility that shows you each step in the packet flow.  You can confirm that the packet leaves out the vpn tunnel on the SSG320 and then see how the SSG5 handles it and why it is dropped.

     

    The output of this can be difficult to read so feel free to post if it is not clear what you are seeing.

     

    DEBUG FLOW BASIC :
    ==================

    1. undebug all - we are assuring that the debug utility is not already running.
    2. get ffilter - we would expect to get no response. This tells us we have not set up any flow filters as of yet. If you should see filters listed you can delete them with unset ffilter.
    3. set ffilter src-ip x.x.x.x(computer A) dst-ip x.x.x.x(computer B)
    4. set ffilter src-ip x.x.x.x(computer B) dst-ip x.x.x.x(computer A) - by doing this we can observe the packets flowing in each direction and where any possible problems may be. Basically we want to define the end points of communication.
    5. clear db - this will clear the debugging cache.
    6. debug flow basic - this turns the debugging utility on.
    7. initiate the traffic you are interested in capturing.
    8. get db stream - this is the actual packet capture output that we want.

    Removal of settings when done
    9. undebug all - turns the utility back off.
    10. unset ffilter 0 - this will need to be done twice, once for each filter that we set up earlier.
    11. clear db - this will clear the cache.
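
As an added example, not part of Steve's answer or of anything posted in this thread: a small Python model of the policy checks the answer lists, namely the first-match lookup ScreenOS performs top-down within a zone pair, detection of a VPN policy shadowed by an earlier and broader policy, and the "both directions" check. The SSG5 policy table, the zone names (Trust/Untrust), the policy IDs and the address scopes below are constructed assumptions for illustration, chosen so that the asymmetric symptom in the question (one side pings, the other gets no reply bytes) is reproduced by a shadowing deny placed above the tunnel policy.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple


@dataclass
class Policy:
    """One ScreenOS policy, reduced to the fields that decide a match."""
    pid: int
    from_zone: str
    to_zone: str
    src: str        # address object expressed as a CIDR prefix
    dst: str
    service: str    # "ANY" or a named service such as "PING"
    action: str     # "permit", "deny" or "tunnel"


def matches(p: Policy, from_zone: str, to_zone: str,
            src_ip: str, dst_ip: str, service: str) -> bool:
    """True if the policy's zone pair, address scope and service cover the flow."""
    return (p.from_zone == from_zone and p.to_zone == to_zone
            and ip_address(src_ip) in ip_network(p.src)
            and ip_address(dst_ip) in ip_network(p.dst)
            and p.service in ("ANY", service))


def first_match(policies: List[Policy], from_zone: str, to_zone: str,
                src_ip: str, dst_ip: str, service: str) -> Optional[Policy]:
    """ScreenOS walks the policies of a zone pair top-down; the first match decides.
    No match means the packet is dropped, which is what None stands for here."""
    for p in policies:
        if matches(p, from_zone, to_zone, src_ip, dst_ip, service):
            return p
    return None


def shadowed_by(policies: List[Policy], pid: int) -> List[int]:
    """IDs of earlier policies in the same zone pair whose scope fully covers
    policy pid, so that pid can never see the traffic it was written for."""
    target = next(p for p in policies if p.pid == pid)
    hits = []
    for p in policies:
        if p.pid == pid:
            break  # only policies ordered above the target can shadow it
        if (p.from_zone == target.from_zone and p.to_zone == target.to_zone
                and ip_network(target.src).subnet_of(ip_network(p.src))
                and ip_network(target.dst).subnet_of(ip_network(p.dst))
                and p.service in ("ANY", target.service)):
            hits.append(p.pid)
    return hits


def check_both_directions(policies: List[Policy], zone_a: str, host_a: str,
                          zone_b: str, host_b: str, service: str
                          ) -> Dict[str, Optional[Tuple[int, str]]]:
    """Report which policy (id, action) handles the flow in each direction.
    A None entry is the 'one direction works, the other does not' symptom."""
    fwd = first_match(policies, zone_a, zone_b, host_a, host_b, service)
    rev = first_match(policies, zone_b, zone_a, host_b, host_a, service)
    return {
        f"{zone_a}->{zone_b}": (fwd.pid, fwd.action) if fwd else None,
        f"{zone_b}->{zone_a}": (rev.pid, rev.action) if rev else None,
    }


def reordered(policies: List[Policy], pid: int) -> List[Policy]:
    """Copy of the table with policy pid moved to the top, the effect of
    ScreenOS's `set policy move` when a tunnel policy is placed above a broad one."""
    target = next(p for p in policies if p.pid == pid)
    return [target] + [p for p in policies if p.pid != pid]


# Constructed SSG5 policy table (assumed, not from the thread): a catch-all
# deny (id 5) sits above the inbound tunnel policy (id 7), so traffic arriving
# from the SSG320 side is denied before the tunnel policy is ever consulted.
SSG5_POLICIES = [
    Policy(5, "Untrust", "Trust", "0.0.0.0/0", "192.168.6.0/24", "ANY", "deny"),
    Policy(7, "Untrust", "Trust", "192.168.10.0/24", "192.168.6.0/24", "ANY", "tunnel"),
    Policy(8, "Trust", "Untrust", "192.168.6.0/24", "192.168.10.0/24", "ANY", "tunnel"),
]

if __name__ == "__main__":
    flow = ("Untrust", "192.168.10.20", "Trust", "192.168.6.20", "PING")
    print("as configured:", check_both_directions(SSG5_POLICIES, *flow))
    print("policy 7 shadowed by:", shadowed_by(SSG5_POLICIES, 7))
    print("after moving 7 up:", check_both_directions(reordered(SSG5_POLICIES, 7), *flow))
```

Running it prints the inbound direction landing on the deny policy while the outbound direction is handled by the tunnel policy, lists policy 5 as the shadowing rule, and shows both directions resolving to tunnel policies once policy 7 is moved above it. The same table-walk is what `debug flow basic` shows on the real box in its policy search lines, so this is a way to reason about what the capture should contain before reading it.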



  • 3.  RE: Close - AGE OUT

    Posted 05-06-2012 20:04

    Hi Steve,

     

    Thanks for the information. Will try your advice and keep you posted. Really appreciate your help. Many thanks.