TWIF

Trusted WLAN Interworking Function

Core Network →
Introduced in Rel-16

TWIF is the 5G core network function that enables secure interworking and protocol translation for user equipment to access 5G services over trusted WLAN networks like Wi-Fi.

Category
Core Network
Introduced
Rel-16
Where
Core Network › 5G Core
Specifications
11 specs
TWIF Description Purpose Related Classification Detected Changes Specifications

Description

The Trusted WLAN Interworking Function (TWIF) is a critical component within the 5G Core (5GC) architecture, specifically defined for Non-3GPP Interworking. It functions as a Network Function (NF) that provides a secure, standardized interface for User Equipment (UE) to connect to the 5GC via a trusted Wireless Local Area Network (WLAN), such as a carrier-managed or enterprise Wi-Fi network. The TWIF terminates the N1, N2, and N3 reference points over the non-3GPP access, effectively bridging the WLAN access network to the 5GC's control and user planes. On the network side, it interfaces with other core functions like the Access and Mobility Management Function (AMF) over N2 for control signaling, the Session Management Function (SMF) via the N4 interface for user plane policy, and the Unified Data Management (UDM) for authentication credentials.

Architecturally, the TWIF comprises two main logical entities: the Trusted WLAN Access Point (TWAP) and the Trusted WLAN AAA Proxy (TWAP). The TWAP handles the lower-layer WLAN-specific protocols and the IPsec/IKEv2 or TLS-based secure tunnel establishment with the UE. The TWAP acts as an Authentication, Authorization, and Accounting (AAA) proxy, interfacing with the 3GPP AAA Server (part of the UDM) to perform 5G-compliant authentication using the 5G Authentication and Key Agreement (5G-AKA) or EAP-AKA' methods. This ensures the UE is authenticated with the same credentials and security level as for 3GPP radio access.

In operation, when a UE attempts to attach via a trusted WLAN, it establishes a secure tunnel (IPsec or TLS) with the TWIF. The TWIF facilitates the primary authentication procedure with the 5GC, relaying Extensible Authentication Protocol (EAP) messages between the UE and the 3GPP AAA Server. Upon successful authentication, the TWIF registers the UE with the AMF, enabling mobility and session management. For user plane traffic, the TWIF acts as a Network Address Translation (NAT) point or a User Plane Function (UPF) N3 termination point, routing data packets between the WLAN and the 5GC's data network. It also enforces policies received from the Policy Control Function (PCF), such as quality of service (QoS) and charging rules, ensuring a consistent service experience across access types.

Its role is pivotal for converged access, allowing operators to offload traffic to Wi-Fi networks while maintaining core network security, subscriber management, and service continuity. It integrates WLAN into the 5G service-based architecture, making it a managed, trusted access type rather than an untrusted external network.

Purpose & Motivation

The TWIF was created to address the growing need for seamless and secure integration of high-performance WLAN networks into the 5G ecosystem. Prior to 3GPP Release 16, non-3GPP access (like Wi-Fi) was often treated as an untrusted network, requiring the UE to establish a VPN-like tunnel (via a Non-3GPP Interworking Function, N3IWF) for secure access, which added complexity and overhead. For operator-managed or certified Wi-Fi networks that meet specific security requirements, this untrusted model was inefficient.

The purpose of the TWIF is to define a "trusted" non-3GPP access path, where the access network itself is considered secure, eliminating the need for per-UE IPsec tunnels for security. This reduces signaling load, connection setup time, and processing overhead on both the UE and the network. It solves the problem of providing a streamlined, carrier-grade Wi-Fi experience that is fully integrated with 5G core services, including authentication, policy control, charging, and mobility support. This enables new use cases like fixed wireless access (FWA) over Wi-Fi, seamless mobility between 5G NR and Wi-Fi, and efficient traffic steering.

Historically, interworking with WLAN was defined in earlier releases (e.g., S2a-based trusted access in EPS), but these were not natively integrated into the new service-based architecture of 5GC. TWIF in Release 16 redefined this interworking for the 5G era, aligning it with cloud-native principles, network slicing, and unified policy framework. It addresses the limitation of previous approaches by providing a native 5GC Network Function with standard service-based interfaces (e.g., Ntwif), enabling automation, scalability, and consistent service exposure.

Classification

Part ofN3IWF
Related approachesAMF

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the „Change history“ tables of 3GPP specifications (226 CRs across 6 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Rel-15 59 changes

In Release 15, the Trusted WLAN Interworking Function (TWIF) was newly introduced as a specific type of Trusted Non-3GPP Gateway Function (TNGF) to enable UE connectivity via trusted non-3GPP access networks, such as trusted WLANs, into the 5G Core Network. It interfaces with the 5GC control and user plane functions via the N2 and N3 interfaces, respectively, allowing for integrated registration and session management. This introduction was part of the broader architectural definition for trusted non-3GPP access, which also included the separate N3IWF for untrusted access.

  • Interworking between ePDG/EPC and NG-RAN/5GCN TS 24.501CR0174
  • Interworking between E-UTRAN/EPC and N3IWF/5GCN TS 24.501CR0176
  • Clean up on the interworking without 26 indication TS 23.501CR0023
  • Corrections to Combined N3IWF/ePDG Selection TS 23.501CR0057
  • Interworking without N26 corrections TS 23.501CR0071
  • EPS Interworking: 5G-S-TMSI derivation and context retrieval TS 23.501CR0085

+ 53 more changes

Rel-16 67 changes

In Release 16, the TWIF function was formally introduced as part of the new Trusted Non-3GPP Access Network (TNAN) support, enabling a trusted WLAN to connect to the 5G Core via the Trusted Non-3GPP Gateway Function (TNGF). Key enhancements included new procedures for TNAN and PLMN selection for trusted WLAN access, and the specification of EAP-5G extensions for authentication over this trusted non-3GPP access. The release also defined interworking for Multi-Access PDU Sessions and Ethernet PDU sessions when using this trusted access path.

  • Support of Trusted non-3GPP access TS 23.501CR0781
  • Trusted non-3GPP Access Network Selection TS 23.501CR0783
  • FQDN format of N3IWF in a standalone non-public network TS 23.501CR0841
  • Enhancement on slice interworking--501 TS 23.501CR0850
  • Support of EPC interworking for CIoT Monitoring Events TS 23.501CR1019
  • AMF overload control for trusted non-3GPP access TS 23.501CR1374

+ 61 more changes

Rel-17 33 changes

In Release 17, enhancements for the Trusted WLAN Interworking Function (TWIF) included clarification on the support of network slicing in TWIF scenarios and the addition of PDU session limitations and specific protocol stacks for trusted WLAN access to support N5CW devices. The release also provided updates for the selection of the network function for emergency services when using trusted non-3GPP access.

  • Informative guideline on supporting session/service continuity between SNPN and PLMN when using N3IWF TS 23.501CR2563
  • Update to N3IWF selection for N3SLICE TS 23.501CR2662
  • Resolve ENs in NSAC support for EPC interworking TS 23.501CR3126
  • Support of User Plane Integrity Protection for Interworking from 5GS to EPS TS 29.502CR0500
  • Trusted AF registration and discovery TS 29.510CR0593
  • LI for EPC-5GC Interworking Stage 2 TS 33.127CR0153

+ 27 more changes

Rel-18 60 changes

In Release 18, enhancements for the Trusted WLAN Interworking Function (TWIF) focused on network slice integration and Standalone Non-Public Network (SNPN) support. Specifically, new procedures were introduced for slice-based N3IWF/TNGF selection, allowing the UE to indicate its slice support and the network to reject registration if the selected interworking function is incompatible with the required slices. Furthermore, the release defined new selection and access procedures for using trusted non-3GPP access within SNPNs.

  • N3IWF selection enhancement for support of S-NSSAI needed by UE TS 23.501CR3707
  • RFSP index during interworking TS 23.501CR3713
  • Interworking with TSN network deployed in the transport network TS 23.501CR3811
  • N3IWF with slice capability TS 24.501CR4877
  • UE to indicate its support for Slice-based N3IWF selection to the network TS 24.501CR4961
  • Rejecting the UE Registration due to the selected N3IWF by the UE is not compatible with the used slices TS 24.501CR4963

+ 54 more changes

Rel-19 6 changes

In Release 19, the TWIF was enhanced to support the mobility of an N5CW device connected to a Trusted WLAN Access Point (TWAP) to another TWAP that is connected to the same TWIF. This provides improved mobility management within a trusted WLAN access network. Additionally, corrections were made to the N3IWF selection procedures.

  • Mobility of the N5CW device connected to a TWAP to another TWAP connected to the same TWIF TS 24.502CR0317
  • Support of Feature ID and VFL interoperability indicator for NWDAF, untrusted AF, and trusted Afs TS 29.510CR1145
  • Handling of unprotected REGISTRATION REJECT message with causes #81 and #82 (Selected N3IWF/TNGF is not compatible with the allowed NSSAI) TS 24.501CR6795
  • QoS Monitoring per QoS flow interworking with the NG-RAN TS 29.502CR0917
  • Access restrictions for satellite access in the context of 5GC-EPC interworking TS 23.501CR5495
  • Correction on N3IWF selection TS 23.501CR5536
Rel-20 1 change

In Release 20, the Trusted WLAN Interworking Function (TWIF) was formally introduced as a new type of interworking function alongside the N3IWF and TNGF to support trusted non-3GPP access networks. This release also specified that the selection of an N3IWF or TNGF can now consider energy-related information, as indicated by the new Energy Information Function (EIF). These additions expand the architecture for trusted access and incorporate energy efficiency into the network function selection process.

  • N3IWF/TNGF reselection considering energy related information. TS 23.501CR6493

Explore further

Broader topics and technologies where TWIF plays a role.

Topics
Authentication (5G-AKA, EAP)NAS (Non-Access Stratum)Policy & Charging5G NR (New Radio)Lawful InterceptNetwork Slicing
Technologies
5G

Defining Specifications

3GPP specifications that define or reference TWIF, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

SpecificationTitleRelease
TS 23.501 vk00 5G System Architecture Stage 2 Rel-20
TS 24.501 vj50 5G NAS Protocols Specification Rel-19
TS 24.502 vj20 5G Core Access via Non-3GPP Networks; Stage 3 Rel-19
TS 29.214 vj20 Policy and Charging Control over Rx Rel-19
TS 29.413 vj00 NGAP for Non-3GPP Access Rel-19
TS 29.502 vj50 5G System; Nsmf Service Based Interface; Stage 3 Rel-19
TS 29.510 vj50 NRF Service Based Interface Protocol Rel-19
TS 33.127 vj50 Lawful Interception Architecture and Functions Rel-19
TS 33.128 vj50 3GPP TS 33.128: Lawful Interception Protocols Rel-19
TS 33.501 vk00 5G Security Architecture and Procedures Rel-20
TS 38.413 vj10 NG Application Protocol (NGAP) Rel-19