NAS is the non-access stratum protocol used for logical UE-to-core signaling in 5G, especially for mobility management and session management procedures.

What is the difference between 5GMM and 5GSM?

5GMM handles mobility and access-related control such as registration, authentication, security, and service continuity, while 5GSM handles PDU session control such as session establishment, modification, and release.

Does NAS run on N1 or N2?

NAS belongs to the logical N1 relationship between the UE and the AMF, even though some NAS messages are carried through the access network and become visible around N2 handling.

Who does NAS signaling talk to in 5G?

At high level, 5GMM is read mainly as UE-to-AMF signaling, while 5GSM involves session-management signaling that is logically tied to the SMF side for PDU session control.

Why is NAS security important?

NAS security protects signaling integrity and, when applicable, confidentiality for control messages that carry identity, mobility, and session-control meaning between the UE and the core.

Home / 5G / Protocols / NAS

5G NAS Protocol Overview

NAS is the non-access stratum protocol used for logical UE-to-core signaling in 5G. It is the protocol family you read for registration, authentication, security, service continuity, and PDU session control when the real question is about what the UE and the core are asking of each other.

This page serves as the NAS protocol map. It shows where NAS sits on the N1 interface, how 5GMM and 5GSM divide responsibilities, how UE-to-AMF and UE-to-SMF signaling roles differ, how the NAS security model is organized at a high level, and which message pages, call flows, and troubleshooting paths to open next.

Quick facts

Technology	5G
Area / Protocol	NAS on N1
Direction / scope	Logical UE-to-core signaling for mobility, session, service, and control procedures
Main split	5GMM for mobility management and 5GSM for session management
Main use	Registration, authentication, security, service continuity, PDU session control, deregistration, status handling
Related topics	N1, N2, NGAP, Registration Request, Service Request, Authentication, Security Mode Command, PDU Session Establishment

NAS topic map

The topic cards below organize NAS into foundations, 5GMM procedures, 5GSM procedures, and message or troubleshooting paths. They are intended for fast lookup when the goal is to place a NAS topic in the correct protocol context before moving into message-level detail, procedure flow, or failure analysis.

NAS foundations

NAS Architecture and N1 Context Use this first for the NAS control-plane mental model, N1 placement, N2 and RRC relationship, non-3GPP access view, and NAS-MM versus NAS-SM split.
NAS Message Structure and Security Header Open this for protocol discriminator reading, security header types, plain versus protected NAS, containers, and message framing.
Authentication, Security Mode, and Initial NAS Protection Read authentication, NAS security activation, and early protected-message behavior together because they are tightly coupled in traces.

5GMM procedures

Registration Procedure Cover initial registration, mobility update, periodic update, emergency variants, accepted paths, rejected paths, and returned context.
Deregistration Procedure Use this for UE-initiated and network-initiated deregistration, detach-style cleanup, and access or mobility-related release behavior.
Identity and UE Configuration Update Read identity procedures first here, then continue into Configuration Update Command and Configuration Update Complete message pages for later configuration refinement.
Service Request High-value path for UE-triggered service return when a registered UE needs to restore active NAS and user-plane service.
Paging Use this for network-triggered UE reachability, downlink attention, and the paging side of CM-IDLE handling.
CM State Useful for understanding idle or inactive return, signaling reactivation, and why the NAS signaling connection becomes active again.
NAS Transport Procedure Follow how 5GSM, SMS, LPP, SLPP, UE policy, SOR, and related payloads are carried through NAS transport containers, then open UL NAS Transport or DL NAS Transport for message-level detail.

5GSM procedures and session context

5GSM Overview and Session State Model Start here for PTI, PDU Session ID, 5GSM sublayer states, coordination with 5GMM, and session-procedure grouping.
PDU Session Establishment Read UE-requested establishment, acceptance, rejection, congestion-related outcomes, and the difference between session context and restored user plane.
PDU Session Modification Use this for UE-requested and network-requested modification, QoS changes, rule updates, user-plane impact, and abnormal cases.
PDU Session Release Open this for session release message patterns, release causes, and operational cleanup behavior.
PDU Session Authentication and Authorization Use the NAS message library for PDU session authentication messages, EAP-related transport, and session-side authorization reading.
QoS Rules, IP Addressing, and Session Context Use this for session-side QoS rules, addressing context, Session-AMBR, and the reusable context created at establishment and updated during modification.

Messages and troubleshooting

5GMM Cause Values Use this for mobility-side reject meaning, registration failures, service reject context, and 5GMM abnormal handling.
5GSM Cause Values Use this for session-side reject meaning, PDU session failure handling, and 5GSM abnormal branches.
5GMM States Open this when a mobility-side NAS trace only makes sense after the UE is placed in the correct 5GMM state.
5GSM States Open this when a session-side trace needs a state model before message or cause interpretation.
5G NAS Messages Open the NAS message library when you need exact message behavior, IE reading, and sibling message navigation.
Registration Request Best first NAS message for seeing 5GMM registration entry and identity context.
Service Request High-value NAS message for service resumption and context return.
Security Mode Command Important when NAS progression reaches security and then stops.
PDU Session Establishment Request High-value 5GSM message for session creation and service intent.
Registration Failure Troubleshooting Use this when the visible problem is registration failure rather than already-isolated NAS structure.

Overview

NAS belongs to the control conversation between the UE and the core. It is where registration meaning, identity handling, security progression, service return, and PDU session intent are expressed in 5G.

In practical protocol work, NAS is the layer you inspect when the question sounds like this: why did the UE fail registration, why did service not resume, why did security progression stop, or why was the requested PDU session accepted, modified, or rejected? The wider architectural reading around that question often includes N1, N2, NGAP, and RRC.

Position on N1 Interface

NAS is the protocol family normally described on N1, the logical UE-to- AMF signaling relationship. That does not mean NAS exists in isolation. The access network still transports and forwards it, which is why NAS often has to be read together with NGAP and RRC when a procedure crosses the air interface and the core edge.

Path	What it means	Why it matters
N1	Logical UE-to-AMF NAS relationship.	This is the main architectural home of NAS in 5G.
N2	Access-side control path between gNB and AMF.	Important because NAS often becomes visible around NGAP transport and relay behavior.
RRC and access-side handling	Radio-side control before or around NAS progression.	Needed when a NAS symptom actually begins before NAS reaches the core cleanly.

5G Architecture Overview

Open the wider architecture map when you need to place N1, N2, AMF, SMF, and access-side signaling in one control-plane view.

N1 Interface in 5G

Use the dedicated N1 page for the logical UE-to-AMF relationship, interface scope, and how NAS is positioned across procedures.

5GMM vs 5GSM

The main first split inside NAS is between 5GMM and 5GSM. If you do not separate those two early, NAS can feel like one large message family even though the procedures serve different control jobs.

5GMM is the mobility-management side of NAS. It covers the control relationship that lets the UE register with the core, establish identity, complete authentication and NAS security, remain reachable, return to service, and eventually deregister or report status. In trace reading, 5GMM usually answers questions about whether the UE is known to the network, whether access-side control is complete, and whether mobility-side context is still valid.

5GSM is the session-management side of NAS. It covers PDU session lifecycle control, including establishment, modification, release, status handling, and the session parameters returned to the UE such as session identity, addressing, and QoS-related context. In practical reading, 5GSM becomes the focus after mobility-side control is far enough along for the UE to request or maintain data-session service.

Area	What it covers	Typical reading path
5GMM	Registration, authentication, identity, security, service continuity, mobility-side status, and deregistration.	Use this path when the question is about access, reachability, service return, or control continuity.
5GSM	PDU session establishment, modification, release, and session status handling.	Use this path when the question is about session intent, data service, or session control outcomes.

UE to AMF and UE to SMF signaling roles

Another useful way to place NAS is by control role. High-level mobility-side NAS is read mainly as UE-to-AMF signaling, while session-side NAS is read in relation to UE session control and the SMF side of the system. That split makes procedure reading much easier.

Role	Main control meaning	Typical examples
UE to AMF	Mobility management, identity, authentication, security, service continuity, and reachability control.	Registration Request, Authentication Response, Security Mode Complete, Service Request, Deregistration Request
UE to SMF	Session intent, session lifecycle, and PDU session control viewed through the NAS session-management path.	PDU Session Establishment Request, PDU Session Modification Request, PDU Session Release Request

AMF in 5G Core

Open the AMF reference when the NAS question is mainly about access and mobility control, registration state, reachability, or core-side UE context.

SMF in 5G Core

Use the SMF reference when the NAS question is really about PDU session control, session policy, addressing, or user-plane session lifecycle.

NAS security model

At high level, NAS security exists to protect control signaling between the UE and the core. In daily troubleshooting, the practical questions are usually whether security has been established yet, whether the message should already be protected, and whether security progression itself is what stopped the procedure.

Security view	Why it matters	Typical reading question
Before security activation	Early NAS progression may still be visible before full protected operation.	Has the procedure reached the point where protected NAS is expected?
After security activation	Later control messages depend on correct NAS security context.	Did security establish cleanly before later NAS messages were sent?
Security failure angle	Security mismatch can stop otherwise healthy registration or service procedures.	Is the failure really a registration problem, or is the real break point security progression?

Trace note: When NAS progression stops around authentication or Security Mode Command, treat security as its own failure domain before assuming later registration or session messages are the primary issue.

Procedure family map

NAS becomes easier to navigate if you group procedures into practical families instead of reading the message list as one large block.

At a high level, NAS procedures exist to manage two related control problems. The first is mobility-side control: how the UE becomes known to the core, proves identity, establishes NAS security, stays reachable, and returns to service when needed. The second is session-side control: how the UE asks for data-session service, how that session is accepted or changed, and how the related session context is maintained or released.

Grouping procedures by role makes traces easier to read. Registration, identity, authentication, security, service request, and deregistration belong to the mobility-management side of NAS. PDU session establishment, modification, release, transport, and status handling belong to the session-management side. Status, reject, and abnormal handling procedures cut across both sides because they explain why normal signaling did not continue.

Each family also has a different objective. Some procedures create or refresh control context, some protect later signaling, some restore reachability or service continuity, and some create or modify session context that supports user-plane service. Reading NAS by objective helps separate access-control questions from session-control questions before moving into message-level detail.

Family	What it covers	Open next
Registration and mobility management	Registration, update, identity, authentication, security, and deregistration.	Initial Registration
Service continuity	Service Request and other return-to-service or continuity-related NAS control.	Service Request
Session management	PDU session establishment, modification, release, and status handling.	PDU Session Establishment
Error and status handling	Status, reject, and abnormal NAS continuation or failure paths.	NAS message library

Reading path

The best NAS reading path depends on the problem you are solving. Start with the procedure family first, then move into the message library, then use troubleshooting or architecture pages if the symptom crosses protocol boundaries.

If the question is about	Start here	Then open
Registration entry and mobility-side control	Initial Registration	NAS messages and Registration Failure
Service return or continuity	Service Request	NAS messages and N1 Interface
PDU session control	PDU Session Establishment	NAS messages and N11 Interface
Possible transport or access-side problem instead of NAS content	NGAP Overview	N2 Interface and NGAP Troubleshooting

5G Access Registration

Use this broader path for NAS registration entry, access-side progression, and the combined view across registration-related control steps.

5G PDU Session Management

Open this for the wider session-management path when the question spans establishment, modification, release, or session-side continuity.

5G Mobility Procedures

Read this when NAS has to be interpreted together with mobility change, reachability updates, handover-related continuity, or location-driven control behavior.

References

3GPP TS 24.501, Non-Access-Stratum (NAS) protocol for the 5G System
3GPP TS 23.501, System architecture for the 5G System
3GPP TS 23.502, Procedures for the 5G System
3GPP TS 24.502, Access to the 5G Core Network and interworking procedures

FAQ

Is NAS the same as NGAP in 5G?

No. NAS is the logical UE-to-core signaling family, while NGAP is the access-to-core control protocol on N2 between the gNB and the AMF.

What should I open first for a registration problem?

Start with Initial Registration, then open the NAS message library or registration troubleshooting depending on whether the issue is already isolated to NAS.

What should I open first for a PDU session problem?

Start with PDU Session Establishment, then move into the NAS message library for session-management message detail.

Why does NAS sometimes need NGAP context?

Because many NAS procedures become operationally visible only when they are carried through the access network and delivered toward the AMF across N2 handling.