A Cisco ASA running IOS 9.3.2 using the native SecurID authentication protocol for VPN access fails to generate the node secret during an authentication test under AAA server group test in the Cisco ASDM.
The RSA Authentication Manager 8.x Authentication Activity logs show the authentication method failed error, which is typically associated with the wrong IP address being specified for the interface on the Cisco ASA, but that is not the case with IOS 9.3.2.
This is a known defect with Cisco IOS 9.3.2.
When contacting Cisco, reference CSCut28210. Cisco will release an update to address this issue in the near future.
Until the fix is released, the two options to have authentication work would be either:
Rollback to Cisco IOS 9.3.1; or
Continue to use Cisco IOS 9.3.2 with RADIUS rather than the native SecurID authentication protocol.