Hi @JonathanC1,
For PBR, ACI needs to be the gateway of the servers.
However, with non-managed mode (no PBR), you can have the gateway on the firewall. For this case, you rightly mentioned that :- unicast routing needs to be disabled and flooding should be enabled.
I hope this was useful. Feel free to reach out incase of anything. Have a great day!!
Best Regards
Archisman