Hi Mahmoud,
Let me deal with some of your points. Clearly you need to get a better understanding of how ACI works and the role of VLAN tags. In ACI, VLAN tags are used to define the EPG, they are NOT used to define VLANs. If you do a Google search for Cisco ACI Configuration Tutorial you might find a good series of tutorials to help you understand.
So,
-Servers GW is FW connected to ACI with tag 100 for example
Great. Then in my eample above, map VLAN 100 to EPG-C in the EPG under Applicaiton Profiles > Your_Application_Profile > Application EPGs > EPG-C > Static Ports >+ Deploy Static EPG on PC, VPC or Interface (>+ means Right-Click) - slect the path where the GW resides and map VLAN 100 on the Port Encap (or Secondary ...blah...)
-If I configured two EPGs A&B and tag each server with100 ,
You won't. EPG-A and EPG-B will have to be given different VLAN IDs. Make sure the VLAN IDs you give them are part of the VLAN-Pool that is configured for the incoming ports. (If this confuses you, go and read the tutorials you found in the Google search I mentioned above)
how can I tag FW interface in two different EPGs with same vlan tag 100.
This is the key to understanding ACI. You now use VLAN tags to separate EPGs, not to define VLANs. Servers do NOT be have to be on the same "VLAN" as the GW, and in fact must NOT use the same VLAN tag.
I think I am missing some thing
Hopefully not missing as much now :)
I hope this helps
Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem
RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
