For my master's thesis, I successfully integrated the EAP-TLS authentication mechanism into the Open5GS core. This prototype serves as a demonstration of the feasibility of utilizing EAP-TLS as an authentication mechanism within the 5G core.
To set up this on your machine, please refer to the Build from Source Manual provided by Open5GS. Instead of using the open5GS repository, utilize the one specified here. The core in this repository is configured for local deployment following the instructions outlined in the manual.
To perform EAP-TLS testing on the core, utilize the N3IWF and the UE repositories I configured for this use case. EAP-TLS was only tested via non-3GPP-access.
used Despite the communication being conducted through non-3GPP access, the IMSI format is used instead of the NAI format, as NAI was not supported by Open5GS at that time. The file "imsis" contains the list of configured IMSIs, and while you can add new ones to the database, it's important to note that EAP-TLS authentication is hardcoded to specific IMSIs and cannot be used with newly added ones at this time.
If you want to see the packets exchanged, use Wireshark and set ngap as the filter.
Ubuntu 20.04.5 LTS
CPU: 2
Memory: 6.00 GB