Example: Configuring a Loopback Interface (NSM Procedure)

A loopback interface emulates a physical interface on a security device. However, unlike a physical interface, a loopback interface is always in the up state as long as the device on which it resides is up. You might want to use a loopback interface as:

Loopback interfaces are named loopback.id_num, where id_num is a number greater than or equal to 1 (the maximum id_num value you can specify is platform-specific) and denotes a unique loopback interface on the device. Like a physical interface, you must assign an IP address to a loopback interface and bind it to a security zone.

Note: You cannot bind a loopback interface to a HA zone, nor can you configure a loopback interface for Layer 2 operation or as a redundant/aggregate interface. You cannot configure the following features on loopback interfaces: NTP, DNS, VIP, secondary IP, track IP, or WebAuth.

After defining a loopback interface, you can then define other interfaces as members of its group. Traffic can reach a loopback interface if it arrives through one of the interfaces in its group. Any interface type can be a member of a loopback interface group—physical interface, subinterface, tunnel interface, redundant interface, or VSI.

In this example, you create the loopback interface loopback.1, bind it to the Untrust zone, and assign the IP address 1.1.1.27/24 to it.

To configure a loopback interface:

  1. Add a device.
  2. Configure the loopback interface:
  1. In the device navigation tree, select Network > Interface.
  2. Click the Add icon and select Loopback Interface. The General Properties screen appears.
  3. Configure the following:
    • For zone, select Untrust.
    • For IP Address/Netmask, enter 1.1.1.27/24.
    • Ensure that Manageable is enabled.
    • Ensure that the Management IP is 1.1.1.27.
  4. Click OK to save the new interface.
  5. Click OK to save your changes to the device.

Related Documentation