How Many public IP be required to setup full HA Active-Active Mode With two Palo Alto NGFW 3020?

Hello Geeks,

I would like to ask for your kind support on my issues of 'How Many WAN IP will be required to setup full HA Active-Active failover mode with two Palo Alto NGFW 3020?' First of all, I would like to appologize you all if my question may make your mind complex. We already bought NGFW 3020 firewalls (Two) to upgrade our organization network design for better visibility and security. During the product shipping waiting time, we are discussing about new network design with vendors. We have total of two internet uplinks from two different ISP and we wanted to make a full HA active-active failover mode with these two firewalls, so they made the draft network design based on our current network design. Unfortunately, as we want to use the internet link directly to firewall WAN ports without any routers or switches in front of firewalls except ISPs' WAN switches, the vendor made full HA active-active failover design with two wan link from each ISP connection to each firewall's WAN Ports for full HA modes with full redundancy. So the total WAN link become 4 links to two firewall by connecting two cables for One ISP to each firewall's WAN 1 port and another two cables for other ISP to each firewall's WAN 2 port respectively! Now the problem is coming as the vendor said we need total of 6 Public IP addresses (Each firewall need 3 Public IP for 2 Internet Uplink from 2 ISP and 1 floating IP address)! For us, we don't clear why we need 3 Public IP for each firewall. Can't we make it only with two Public IP only and others with private IP addresses including for each floating ip address? As pulic ip are very expensive to purchase in our country, we want to use only minimum public IP in our design! Is it possible or we have no way except using all IP as public IP (for total 6 public IP)? Please kindly help me with this issues and greatly appreciate for all of your kind supports! So sorry for my long writting also.