All things Palo Alto Networks
An alternative is after you get the config imported to the new hardware and adjusted as needed for the different interfaces, rack the new firewalls physically adjacent to the old (so all cables which have been labeled will reach) then in a maintenance window quickly swap them from the old to the new.
You'll have a brief hard outage, but it's a quicker process.
You can't have no-downtime as you're switching out chassis. You can do a couple of things to minimize downtime but you will still need a maintenance window. Some things you won't be able to get past is your VPN connections. Unless you can gently reroute those to the new firewall before the cutover, all connections will need to be re-established the moment you do the cutover.
Preventing as much downtime a possible, you can start by transplanting the configuration over to the new firewall and making sure it is fully set up and attached to all peripherals before getting started: launch it in a lab environment to ensure functionality, then move it into production with the switch interfaces set to shut mode
The short term scenario is as follows:
Once you are ready to do the cutover, temporarily disable TCP checks :
# set deviceconfig setting tcp asymmetric-path bypass