Take a look at how hairpin routes are processed in Meraki. https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX#Hairpin_Routing   If I'm reading it correctly, the MX will source the traffic from the LAN IP rather than the WAN IP and thus hitting your ACL. Another good community thread on this is - Solved: HairPin Nat/Loop back NAT - The Meraki Community ... View more

Typically it would simply be a network under the existing organisation.   If the two entities operate independently and don't have any requirements for the two networks to talk to each other, then you could create a separate organisation, but this would not be under the European account. ... View more