Disclosed herein is a method for the establishment of a service tunnel in
a wireless local area network (WLAN). In the method, a service
authentication authorization unit authenticates and authorizes a WLAN
user terminal currently requesting a service, and judges whether the
authentication and authorization are successful. If successful, service
authorization information is generated that includes a shared
communication key used for communication between the WLAN user terminal
and a destination packet data gateway (PDG); otherwise, the procedure
ends. The service authentication authorization unit then sends the
generated service authorization information, including the shared
communication key, to the destination PDG, and the destination PDG uses
the shared communication key to establish a trust relation with the WLAN
user terminal through negotiation with that terminal. If the trust
relation is established successfully, the destination PDG allocates
tunnel resources for the WLAN user terminal, negotiates parameters and
then establishes a tunnel with the WLAN user terminal; otherwise, it
ends the procedure. As a result, a secured
service data tunnel may be established between the user terminal and the
PDG.
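
The flow described above, sketched as an added example that is not part of the disclosure. It assumes the trust relation is negotiated with a mutual HMAC-SHA256 challenge-response and that the terminal holds its own copy of the shared key; the text specifies neither. All names (`authorize`, `PDG`, `run_flow`) are hypothetical, and parameter negotiation is left out.

```python
import hashlib
import hmac
import secrets

def proof(key, label, first, second):
    # HMAC-SHA256 over both nonces; the label separates the two directions
    return hmac.new(key, label + first + second, hashlib.sha256).digest()

def authorize(subscribers, user, credential):
    # Authentication/authorization unit: on failure the procedure ends (None)
    if not hmac.compare_digest(subscribers.get(user, b""), credential):
        return None
    return {"user": user, "shared_key": secrets.token_bytes(32)}

class PDG:
    def __init__(self):
        self.keys, self.pending, self.tunnels = {}, {}, {}

    def receive_authorization(self, info):
        self.keys[info["user"]] = info["shared_key"]

    def challenge(self, user):
        if user not in self.keys:
            return None                  # no authorization information for this user
        self.pending[user] = secrets.token_bytes(16)
        return self.pending[user]

    def open_tunnel(self, user, term_nonce, term_proof):
        nonce = self.pending.pop(user, None)     # each challenge is single use
        if nonce is None:
            return None
        key = self.keys[user]
        if not hmac.compare_digest(proof(key, b"UE", nonce, term_nonce), term_proof):
            return None                  # trust not established: nothing allocated
        tunnel_id = secrets.token_hex(4)
        self.tunnels[tunnel_id] = user   # resources allocated only after trust
        return tunnel_id, proof(key, b"PDG", term_nonce, nonce)

def run_flow(terminal_key=None):
    info = authorize({"alice": b"constructed-secret"}, "alice", b"constructed-secret")
    pdg = PDG()
    pdg.receive_authorization(info)
    key = terminal_key or info["shared_key"]     # terminal's copy of the shared key
    nonce, term_nonce = pdg.challenge("alice"), secrets.token_bytes(16)
    result = pdg.open_tunnel("alice", term_nonce, proof(key, b"UE", nonce, term_nonce))
    if result is None:
        return None, len(pdg.tunnels)
    tunnel_id, pdg_proof = result                # terminal checks the PDG's proof too
    ok = hmac.compare_digest(pdg_proof, proof(key, b"PDG", term_nonce, nonce))
    return (tunnel_id if ok else None), len(pdg.tunnels)
```

`run_flow()` returns a tunnel id and a tunnel count of 1; passing a wrong terminal key returns `(None, 0)`, showing that the PDG commits no tunnel resources before the trust check passes.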