Created on
09-06-2019
01:00 AM
Edited on
05-09-2025
01:47 AM
By
Jean-Philippe_P
Description
This article describes possible root causes of having logs with interface 'unknown-0'.
Scope
FortiGate.
Solution
Generally, such a log message is created when a packet comes to a FortiGate or FortiOS and it can't find an existing session for it, although it is expected that it should already be in place.
For example, when FortiGate receives a TCP FIN packet, and there is no session, this packet can match.
There are several scenarios when such a log message can be generated:
In both examples, ‘No Session Match’ messages are seen in the debug flow logs.
Related articles:
Technical Tip: 'No Session Match' error and halfclose timer
Technical Tip: Traffic logs with no interface details (interface unknown-0)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.