I did a search on the forums for multiple IP's and found a lot of posts talking about how the Palo deals with multiple external IP's - i.e. if your ISP assigns you a /29 block and you need to NAT multiple application into your network. So basically you pick one IP, load that on the Palo interface and then just do NAT. Palo will ARP for any additional IP's used in NAT rules without the need to load those additional IP's on the Palo interface. I would prefer to load the IP's on the interface regardless of NAT because then you can see which external IP's has been allocated to the Palo.
This post kinda touch on the need to have additional IP's loaded somewhere on the Palo, but it is not for NAT, it’s for Global Protect. How do I go about loading the additional external IP's from the /29 block on the Palo box to use in my Global Protect configuration? - i.e. I need one external IP for the gateway and another for the portal. Or what is the recommended way of setting this up?