Solved forcing what SSID to pick in wpa_supplicant.conf

Hello Forum Users,
I have an issue with the WiFi of a home-office I set up for a friend.
Most of the time things work as expected, but about once every month the system gives my friend real trouble. Instead of connecting to the pre-configured SSID, the FreeBSD PC acting as his internet gateway connects to an unknown, password-less WiFi coming from somewhere nearby (likely from the meeting room of the firm on the other side of the wall).
What I would like is to make sure that his gateway connects ONLY to the pre-configured SSID, if that is available. Otherwise DO NOT connect to any WiFi.
I have priority set to a high value, but the issue still happens.



Any suggestion on how to prevent the system to connect to undesired "free" wifi networks instead of the one we want is appreciated.
here it says one can add the info to the rc.conf file
In an environment where there are multiple access 
points with the same SSID, which is often done to simplify roaming, 
it may be necessary to associate to one specific device.  In this case, the 
BSSID of the access point can be specified, with or without the SSID:

ifconfig_wlan0="ssid your_ssid_here bssid xx:xx:xx:xx:xx:xx DHCP"
under Selecting an Access Point
might try that.
Certainly worth giving a try.
May actually do what I am after.
Thanks for pointing out!
I did not use the BSSID part, I went with the SSID keyword only because there are 3 MAC addresses to choose from and I wanted the gateway PC to always pick the best of those three.

ifconfig_wlan0="ssid office_ssid_here WPA DHCP"

With that set, the gateway no longer tried to connect to passwordless strange WiFi services, only to the Office WiFi, trying each of its MAC addresses one after the other, but failing to connect with a timeout message after about 2-3 seconds. I enabled verbose output with wpa_supplicant -d and even -dd, but did not get closer to the reason for these timeouts. In the end, I called the guy who runs these WiFi Access Points, he restarted them (after about 200 days of uptime) and everything started to work fine. :)
cool but does that leave you with having to call that guy after every 200 days?
wait and see,
same wifi time
same wifi chanel
Each potential network/access point should have a "network block" that
describes how to identify it and how to set up security. When multiple
network blocks are listed in a configuration file, the highest priority
one is selected for use
or, if multiple networks with the same priority
are identified, the first one listed in the configuration file is used.
cool but does that leave you with having to call that guy after every 200 days?

Yes, it does. :(
More precisely, it leaves me with having to call the guy every 3-4 month (3-4 times a year) and ask him to reboot those Access Points before they start producing the problem.
However, my interaction with the guy made him come across as an experienced, responsible, smart person. Such people tend to possess a healthy amount of forward-thinking when it comes to their repetitive tasks, so I trust that in the future we will not need to call him more than twice about these reboots before he implements some sort of automated mechanism to periodically restart the APs. That is what I would do.

And even if nothing improves on the AP side, making a phone call 3-4 times a year is something I or my friend using that office WiFi can live with.
priority=99 is backwards, you want:
priority=1 for first WAP choice
priority=2 for second WAP choice
With protocol set to WPA it should always use WPA but priority=99 might be messing with that.

I see your logic and I also find that perspective sensible. So much so, that I likely would have gone that way myself. However, the manual of wpa_supplicant.conf() says the complete opposite.
The priority of a network when selecting among multiple networks;
a higher value means a network is more desirable. By default
networks have priority 0. When multiple networks with the same
priority are considered for selection, other information such as
security policy and signal strength are used to select one.

a higher value means a network is more desirable
This is worded in a way that leaves no doubt. So if you are correct and priority=1 is indeed more desirable than priority=99, then the manual is flawed and tells the exact opposite of what it should say.
  • Thanks
Reactions: mro
Actually I was wrong. Upon reading several different sources I found that I was mistaken.
99 is a higher priority than 1.
But reading the manual you will note for a single access point connection such as your usage, you should use priority=0.
In fact if the setting is left out of wpa_supplicant.conf it defaults to priority=0.
My wpa_supplicant.conf does not even use that setting.
I am having the same issue but I don’t know how to solve it. My 12.1 FreeBSD keeps connecting to the neighbors Wi-Fi during the boot even if I set the SSID to my router name and a high priority. I set the SSID in the rc.conf but I guess I could try specifically writing the BSSID I’m using WPA_supplicant.conf as well
Are you sure your rc.conf line is correct?
The only way it could connect to your neighbors would be them having an open Access Point.
For evoking WPA in /etc/rc.conf:
ifconfig_wlan0="WPA DHCP"
For an open Access Point:
Yea my rc.conf is
ifconfig_wlan0=“WPA DHCP”
And I have a high priority for my network in the wpa_supplicant.conf
but it still will randomly pick one of many neighbor access points! :(
Maybe my neighbors Wi-Fi has a high signal strength while mine is low ?