TWIF

Trusted WLAN Interworking Function

Core Network
Introduced in Rel-16
The TWIF is a 5G core network function that enables secure, seamless interworking between 3GPP 5G systems and trusted, non-3GPP access networks like WLAN. It acts as a security gateway and protocol translator, allowing UEs to access 5G core services over Wi-Fi with the same authentication and policy control as cellular access.

Description

The Trusted WLAN Interworking Function (TWIF) is a critical component within the 5G Core (5GC) architecture, specifically defined for Non-3GPP Interworking. It functions as a Network Function (NF) that provides a secure, standardized interface for User Equipment (UE) to connect to the 5GC via a trusted Wireless Local Area Network (WLAN), such as a carrier-managed or enterprise Wi-Fi network. The TWIF terminates the N1, N2, and N3 reference points over the non-3GPP access, effectively bridging the WLAN access network to the 5GC's control and user planes. On the network side, it interfaces with other core functions like the Access and Mobility Management Function (AMF) over N2 for control signaling, the Session Management Function (SMF) via the N4 interface for user plane policy, and the Unified Data Management (UDM) for authentication credentials.

Architecturally, the TWIF comprises two main logical entities: the Trusted WLAN Access Point (TWAP) and the Trusted WLAN AAA Proxy (TWAP). The Trusted WLAN Access Point handles the lower-layer WLAN-specific protocols and the IPsec/IKEv2 or TLS-based secure tunnel establishment with the UE. The Trusted WLAN AAA Proxy acts as an Authentication, Authorization, and Accounting (AAA) proxy, interfacing with the 3GPP AAA Server (part of the UDM) to perform 5G-compliant authentication using the 5G Authentication and Key Agreement (5G-AKA) or EAP-AKA' methods. This ensures the UE is authenticated with the same credentials and security level as for 3GPP radio access.

In operation, when a UE attempts to attach via a trusted WLAN, it establishes a secure tunnel (IPsec or TLS) with the TWIF. The TWIF facilitates the primary authentication procedure with the 5GC, relaying Extensible Authentication Protocol (EAP) messages between the UE and the 3GPP AAA Server. Upon successful authentication, the TWIF registers the UE with the AMF, enabling mobility and session management. For user plane traffic, the TWIF acts as a Network Address Translation (NAT) point or a User Plane Function (UPF) N3 termination point, routing data packets between the WLAN and the 5GC's data network. It also enforces policies received from the Policy Control Function (PCF), such as quality of service (QoS) and charging rules, ensuring a consistent service experience across access types.
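The EAP relaying step described above can be made concrete with the sanity checks a relay would apply before forwarding a message. This is an added example, not code from this page or from 3GPP: the packet layout and codes follow RFC 3748, the EAP-AKA' method type (50) follows RFC 5448, and the method allowlist and sample packets are assumptions constructed for illustration.

```python
import struct

# EAP constants from RFC 3748 (codes, Identity type) and RFC 5448 (EAP-AKA' = 50).
CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
TYPE_IDENTITY, TYPE_AKA_PRIME = 1, 50
ALLOWED_TYPES = {TYPE_IDENTITY, TYPE_AKA_PRIME}  # assumed relay policy


def parse_eap(pkt: bytes) -> dict:
    """Parse one EAP packet and reject anything a relay should not forward."""
    if len(pkt) < 4:
        raise ValueError("truncated EAP header")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if code not in CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(pkt):
        raise ValueError("Length field inconsistent with packet size")
    body = pkt[4:length]  # octets past Length are link-layer padding, ignored
    if code in (3, 4):
        if body:
            raise ValueError("Success/Failure must carry no data")
        return {"code": CODES[code], "id": ident, "type": None, "data": b""}
    if not body:
        raise ValueError("Request/Response without a Type octet")
    if body[0] not in ALLOWED_TYPES:
        raise ValueError(f"EAP method {body[0]} not allowed on this path")
    return {"code": CODES[code], "id": ident, "type": body[0], "data": body[1:]}


def relay_exchange(request: bytes, response: bytes) -> bool:
    """True when the response answers the request (same Identifier and Type)."""
    req, resp = parse_eap(request), parse_eap(response)
    return (req["code"] == "Request" and resp["code"] == "Response"
            and req["id"] == resp["id"] and req["type"] == resp["type"])


# Constructed sample packets (not captured traffic).
REQ = bytes([1, 7, 0, 8, 50, 1, 0, 0])    # Request, id 7, EAP-AKA' Challenge
RESP = bytes([2, 7, 0, 8, 50, 1, 0, 0])   # matching Response
STALE = bytes([2, 6, 0, 8, 50, 1, 0, 0])  # Response to an older Identifier
MD5 = bytes([2, 7, 0, 6, 4, 0])           # Response using MD5-Challenge (type 4)
```

A response that carries a stale Identifier or a method outside the allowlist is dropped at the relay instead of reaching the authentication server.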

Its role is pivotal for converged access, allowing operators to offload traffic to Wi-Fi networks while maintaining core network security, subscriber management, and service continuity. It integrates WLAN into the 5G service-based architecture, making it a managed, trusted access type rather than an untrusted external network.

Purpose & Motivation

The TWIF was created to address the growing need for seamless and secure integration of high-performance WLAN networks into the 5G ecosystem. Prior to 3GPP Release 16, non-3GPP access (like Wi-Fi) was often treated as an untrusted network, requiring the UE to establish a VPN-like tunnel (via a Non-3GPP Interworking Function, N3IWF) for secure access, which added complexity and overhead. For operator-managed or certified Wi-Fi networks that meet specific security requirements, this untrusted model was inefficient.

The purpose of the TWIF is to define a "trusted" non-3GPP access path, where the access network itself is considered secure, eliminating the need for per-UE IPsec tunnels for security. This reduces signaling load, connection setup time, and processing overhead on both the UE and the network. It solves the problem of providing a streamlined, carrier-grade Wi-Fi experience that is fully integrated with 5G core services, including authentication, policy control, charging, and mobility support. This enables new use cases like fixed wireless access (FWA) over Wi-Fi, seamless mobility between 5G NR and Wi-Fi, and efficient traffic steering.

Historically, interworking with WLAN was defined in earlier releases (e.g., S2a-based trusted access in EPS), but these were not natively integrated into the new service-based architecture of the 5GC. TWIF in Release 16 redefined this interworking for the 5G era, aligning it with cloud-native principles, network slicing, and a unified policy framework. It addresses the limitation of previous approaches by providing a native 5GC Network Function with standard service-based interfaces (e.g., Ntwif), enabling automation, scalability, and consistent service exposure.

Key Features

  • Acts as a termination point for N1 (NAS), N2 (NGAP), and N3 (user plane) interfaces over trusted non-3GPP access
  • Supports 5G-compliant authentication (5G-AKA, EAP-AKA') via integration with 3GPP AAA Server and UDM
  • Establishes secure connectivity with UE using IPsec/IKEv2 or TLS, depending on the trust model
  • Enables seamless mobility and session continuity between 3GPP and trusted WLAN access
  • Enforces policy and charging control (PCC) rules received from the PCF for user plane traffic
  • Functions as a User Plane Function (UPF) for the N3 interface, handling packet routing and QoS marking

Evolution Across Releases

Rel-16 Initial

Introduced the TWIF as a new 5GC Network Function. Defined its initial architecture, interfaces (Ntwif, N2, N3, N4), and procedures for trusted WLAN access. Specified support for 5G-AKA authentication, IPsec/IKEv2 security, and integration with the service-based architecture.

Defining Specifications

Specification   Title
TS 23.501       3GPP TS 23.501
TS 24.501       3GPP TS 24.501
TS 24.502       3GPP TS 24.502
TS 29.214       3GPP TS 29.214
TS 29.413       3GPP TS 29.413
TS 29.502       3GPP TS 29.502
TS 29.510       3GPP TS 29.510
TS 33.127       3GPP TR 33.127
TS 33.128       3GPP TR 33.128
TS 33.501       3GPP TR 33.501
TS 38.413       3GPP TR 38.413