That looks fine.
The other side will create a tunnel for:
Local:192.168.68.0/24
Remote: 192.168.172.0/24
There will be a 1:1 mapping between 172.16.10.0/24 and 192.168.172.0/24 on your side
If you connect from 172.16.10.135 on your side they will see if coming from source 192.168.172.135 on their side.
If they connect to 192.168.172.23 they will actually get 172.16.10.23 on your side.
You cannot ping the 192.168.172.10 address directly because it does not actually exist on the firewall itself. It is only used for NAT through IPsec. You will have to test using traffic that is actually flowing through IPsec.
Pinging 192.168.172.1 from the other side (which will actually ping 172.16.10.1 on your firewall) should work as long as it is allowed by the firewall rules on your end and you are sourcing it from something in 192.168.68.0/24 on their end.