It looks like I receive his ping and I reply to it. I also send a ping, but get no reply. Is that a correct interpretation?
If you were both pinging simultaneously, then yes, it is a correct interpretation.
The fact that you receive the ESP says that everything is OK with routes towards you and policies at the PA side and also with ESP forwarding on the internet path from the PA to you. So to me, the issue is most likely at the PA side, because dropping ESP only in one direction makes little sense to me. It is also possible that the PA doesn't understand our ESP packets, so if there are any diagnostic counters, they're worth checking.
One thing is that the "intuitive" behaviour of the firewall, where you let in responses to what you've let out, is not automatic; the firewall must be configured that way.
Another thing is that, lacking any knowledge about the network at the PA end, there may simply be a missing route from the PA to the LAN subnet to/from which you test the ping.
NB, if you make the CLI window where you run /tool sniffer as wide as your screen allows before you start sniffing, you'll get more information about the packets. But doing so won't help with this particular issue.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
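
The find-and-replace step from the signature above can be scripted so that every occurrence of the same public address gets the same placeholder. This is an added example, not part of the original post; the function name, the list of networks treated as non-identifying, and the sample export (built from documentation address ranges) are assumptions, and only IPv4 is handled.

```python
import ipaddress
import re

# Ranges that do not identify a site (private, CGNAT, loopback, link-local,
# unspecified, multicast/reserved). Everything else is treated as public.
NON_IDENTIFYING = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]

# Dotted quad that is not part of a longer dotted number sequence.
IPV4_RE = re.compile(r"(?<!\d)(?<!\d\.)(\d{1,3}(?:\.\d{1,3}){3})(?!\.?\d)")

def redact_public_ips(export_text, pattern="my.public.ip.{n}"):
    """Return (redacted_text, mapping); each distinct public IPv4 address
    is replaced by one stable placeholder so the config stays readable."""
    mapping = {}

    def substitute(match):
        raw = match.group(1)
        try:
            addr = ipaddress.IPv4Address(raw)
        except ipaddress.AddressValueError:
            return raw  # looks like an address but is not one (e.g. 999.1.1.1)
        if any(addr in net for net in NON_IDENTIFYING):
            return raw  # keep LAN addressing, it is needed for diagnosis
        if raw not in mapping:
            mapping[raw] = pattern.format(n=len(mapping) + 1)
        return mapping[raw]

    return IPV4_RE.sub(substitute, export_text), mapping

# Constructed sample in the style of /export hide-sensitive output.
SAMPLE_EXPORT = """\
/ip address
add address=192.168.88.1/24 interface=bridge
add address=203.0.113.10/30 interface=ether1
/ip ipsec peer
add address=198.51.100.7/32 name=pa-peer
/ip ipsec policy
add dst-address=10.20.0.0/16 peer=pa-peer src-address=192.168.88.0/24 tunnel=yes
/ip route
add dst-address=0.0.0.0/0 gateway=203.0.113.9
"""

if __name__ == "__main__":
    redacted, table = redact_public_ips(SAMPLE_EXPORT)
    print(redacted)
    print(table)  # keep this mapping private; post only the redacted text
```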