Nimbostratus
EmployeeThe ASM is essentially a process that talks to the LTM. As such for most issues you can use tcpdump much as you would with the LTM. If the issue is with HTTP rather than with SSL you may wish to use HTTPWatch, which as a browser plugin rather than a proxy will allow you to see exactly what your web browser is seeing.
In rare instances you may need to see the communication between the LTM and the ASM processes, and in those instances you should already be engaged with support. They will tell you what needs to be done.
From the sound of things it sounds like you are having a cipher problem, which is almost certainly not the ASM, but rather the LTM. Keep in mind that the ASM only operates at layer 7, relying on the underlying LTM infrastructure to handle the other layers of the OSI model. A tcpdump on the BigIP should give you visibility into this.