I think it's just a matter of forwarding tcp/443 (tls) udp/443 (dtls) if you're using SSL VPN or udp/500 & udp/4500 if you're using IPsec.
Keep in mind that this will break some other functionality of the MX. You won't be able to use the local status page on the MX anymore (tcp/443) and client and site to site vpn will break too (udp/500 & udp/4500). See these links:
https://documentation.meraki.com/MX/Other_Topics/Using_VPN_through_an_MX_Security_Appliance
https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_Caveats
You could also switch to non-standard ports, but then you need additional configuration on the ASA.
Edit: Nvm, the local status pages use port 80 (http), not 443 (https) so that part was irrelevant. So only the site-to-site VPN and MX client VPN will break. And as @PhilipDAth mentioned below, AutoVPN will just work, that uses it's own UDP hole punching over UDP range 32768-61000. For future reference, Philip is right too that the port forwarding only breaks access to the local status page of the MX from the WAN side (which indeed is off by default).