Cisco has a built in tool that allows you to test AAA server connectivity. It is included in both the CLI and the ASDM. This tool is useful when you are setting up a AAA server because you don't have to login and out of the device in order to test the connectivity.
The CLI command is:
test aaa-server authentication SERVERNAME [more]
After entering this command you will be prompted to enter the server IP address, and a username and password.
The packet-tracer command is another tool that comes in handy when testing access-lists and VPN configurations. It simulates a packet that transverses through the ASA and prints out the each step it takes and points out where it is failing.
To trace a HTTP packet from the inside address of 10.1.1.1 to outside address of 22.214.171.124 the command would be:
packet-tracer input inside tcp 10.1.1.1 www 126.96.36.199 www detailed