He shouldnt need a static route for this to work, His VPN is clearly up at this point, the traffic will know where to go, infact all traffic will now go via the VPN instead of the local subnet. However the firewall is a good point. If you do an ip scan of the 192.168.10/24 subnet once you are VPN'd in does anything reply? If not i wonder if you have forwarded GRE through the firewall too? Im pretty sure it wouldnt have let you get this far but its something to check.