WPA Supplicant – Doesn’t Auto-Change Access Point

access-pointdebianwlanwpa-cliwpa-supplicant

(I was trying and trying for hours to find a workaround, which proved much harder than initially expected.)

The problem itself is easy to understand, though. I recently installed a GUI-less Debian derivative on one of my machines and configured /etc/wpa_supplicant/wpa_supplicant.conf to access one of my access points and that worked out well.

Soon I took my machine with me out of home, so I added another network (which is my phone in hotspot mode this time) to wpa_supplicant.conf.
Sadly I noticed that it doesn't automatically connect to the phone's AP even after losing connection to the inital router, followed by wpa_cli --reconfigure.
Funny part: uncommenting the first network in the wpa_supplicant.conf makes my phone's AP work flawlessly. If both networks are kept uncommented, only the first one works.

I was reading the whole manual of wpa_supplicant.conf but the closest thing to what I needed was the BSSID option which didn't help in this situation.

So my question: how do I make the network controller change access points depending on availability of these?

Update:
I don't have /usr/share/doc/wpa_supplicant/README.modes, but only /usr/share/doc/wpa_supplicant/README.modes.gz which I am unable to extract because of too many symbolic links.

My /etc/wpa_supplicant/wpa_supplicant.conf:

country=DE
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
ssid="Klaus B. Schuldiger"
scan_ssid=1
psk="----"
}

#network={
#ssid="Xperia XZ_acd9"
#scan_ssid=1
#psk="----"
#}

Best Answer

To debug what wpa_supplicant is doing, wpa_cli status will give information about whether wpa_supplicant still thinks it's connected to an AP, or searching for a new AP.

Wpa_supplicant needs to be in roaming mode to automatically switch between networks. You enable roaming by using a wpa-roam entry after the iface stanza in /etc/network/interfaces, and put all the networks in a wpa_supplicant.conf file (typically /etc/wpa_supplicant/wpa_supplicant.conf). Details can be found in README.modes or README.modes.gz in the wpa_supplicant documentation.

Hidden access points (APs) will cause trouble for two reasons: One the hand, wpa_supplicant will be need to actively configured to scan for all of them (and I don't know the details on how to configure that). On the other hand, the WLAN client will have problems to determine if the connection is still valid or not, because the AP doesn't send out beacons which could be measured. So all the client sees is no answer to transmitted packets, which could also be caused by problems somewhere else in the network. The client will timeout the connection eventually, but that can take several minutes.

Also, hidden APs don't really improve security: Traffic between a hidden AP and a client can be sniffed, giving away the existence of the AP. A client actively scanning for an AP also gives away the existence (and as it's actively scanning for all hidden APs it knows of, it gives even more information).

So the easiest solution is to make all APs non-hidden in case they cause problems.

Related Question