    I'm trying to figure out how to create a simple firewall ruleset that would allow me to ping a web server on the Internet from the SSH console of my brand new pfSense box.

    First, here's my setup:
    INTERNET Provider 1 ----- Cisco Router |
                                           | ---- pfSense Router ---- LAN
    INTERNET Provider 2 ----- Zyxel Router |

    Cisco Router is actually not up since Internet Provider 1 is still testing optical fiber

    Zyxel WAN IP :
    Zyxel LAN IP  :

    pfSense WAN IP : Statically configured, but actually down (no carrier)
    pfSense OPT1 IP : (dynamically attributed by Zyxel DHCP Server)
    pfSense LAN IP :

    WAN+OPT1 is configured as a gateway group with the following priority:

    WAN : tier1
    OPT1 : tier2

    I've got a computer on LAN that can access web, mail, ping, DNS query, i.e. everything from LAN to (WAN-OPT1): everything works as expected.

    My problem is the following (note: I'm connected to my pfSense box through SSH):

    PING ( 56 data bytes
    ping: sendto: No buffer space available
    ping: sendto: No buffer space available
    and so on....

    I can execute a DNS query from this pfSense box:

    host has address has address 2001:500:88:200::10

    But ping, traceroute (ICMP in general) seem to be denied.

    Moreover, I wanted to see which packages are available, but the web GUI (/pkg_mgr.php) tells me:

    Unable to communicate with Please verify DNS and interface configuration, and that pfSense has functionnal Internet connectivity.

    My question is: what firewall rule has to be created to allow traffic (any kind of traffic) issued directly by this router to access the whole Net?

  • Seems to be solved…

    I changed OPT1 to default gateway under System -> Gateways -> Edit Gateway.

    At the moment I can do all kinds of traffic from SSH access without restriction.