This article describes some scenarios where a loopback interface can be used.
The advantage of a loopback interface is that this logical interface is always up (no physical link dependency) and its attached subnets are always present in the routing table.
It allows connections to the FortiGate's loopback IP address without depending on one specific external port, and it is therefore possible to access it through several physical or VLAN interfaces (redundancy).
Multiple loopback interfaces can be configured in either non-VDOM mode or in each VDOM.
Note that using loopback interfaces requires the configuration of appropriate firewall policies to allow traffic to and from this (those) interface(s).
Some scenarios where a loopback interface can be used:
Note 1: Dynamic routing protocols can be enabled on loopback interfaces.
Note 2: For a blackhole static route, use the blackhole route type instead of the loopback interface.
Configuration example:
config system interface
    edit "loopback"
        set vdom "root"
        set ip 10.0.0.2 255.255.255.255
        set allowaccess ping
        set type loopback
    next
end
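An added example (not part of the original article) of the firewall policy the note above calls for: it lets a single source subnet reach the loopback IP through two physical interfaces and logs the traffic. The names port1, port2, lo_mgmt_ip and admin_net and the subnet 192.0.2.0/24 are assumptions; the interface name "loopback" and the ping-only service follow this article's configuration and routing-table output.

```fortios
config firewall address
    edit "lo_mgmt_ip"
        set subnet 10.0.0.2 255.255.255.255
        set comment "Loopback IP from this article"
    next
    edit "admin_net"
        set subnet 192.0.2.0 255.255.255.0
        set comment "Constructed example value: management subnet"
    next
end
config firewall policy
    edit 0
        set name "admin-to-loopback"
        set srcintf "port1" "port2"
        set dstintf "loopback"
        set srcaddr "admin_net"
        set dstaddr "lo_mgmt_ip"
        set action accept
        set schedule "always"
        set service "PING"
        set logtraffic all
        set comments "Example: port1/port2 are assumed interface names"
    next
end
```

Restricting srcaddr to the management subnet instead of "all" keeps the loopback from answering every host that can route to it, whichever physical interface the traffic arrives on.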
BGP peering and management access scenario:
The loopback interface is seen in the routing table as a connected interface:
FGT1 # get router info routing-table all
C 10.0.0.2/32 is directly connected, loopback
See more details about BGP peering with a loopback interface in the related article at the end of this page: "Technical Note: Configuring BGP on a FortiGate with single-homed eBGP peering, iBGP peering, access-list and OSPF"