we wouldn't be able to authenticate if it was not , in any case when I check for the site to site connection it looks up and running. I have created nsg rules for 1433 and redirection on the tunnelled Vnet. This is why I am thinking your initial assessment of it being a routing issue is correct. The 1433 connection from SSMS does not seem to be hitting the Azure Vnet and therefore not getting forwarded to the SQL MI. This is why I as thinking that it was a meraki firewall issue but really not confident on this at all. Not sure how it all connects (as in is this a DNS issue?)
... View more
