Take a look at how hairpin routes are processed in Meraki. https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX#Hairpin_Routing If I'm reading it correctly, the MX will source the traffic from the LAN IP rather than the WAN IP and thus hitting your ACL. Another good community thread on this is - Solved: HairPin Nat/Loop back NAT - The Meraki Community
... View more
