12.2 Configuring AAA
12.2.1 Enabling AAA and identifying the server
The first steps in configuring the NAS are to globally enable AAA, specify the Cisco Secure server that will provide AAA services for the NAS, and configure the encryption key that is used to encrypt the data transfer between the NAS and the Cisco Secure server.

To activate TACACS+, use the
tacacs-server key command:

Router(config)#aaa new-model
Router(config)#tacacs-server host 192.168.229.76 single-connection
Router(config)#tacacs-server key shared1

To activate RADIUS, use the radius-server key command:

Router(config)#aaa new-model
Router(config)#radius-server host 192.168.229.76
Router(config)#radius-server key shared1

The Table explains the elements of the preceding configurations.