I don't think you'll see any connection failure logs. Your best bet for troubleshooting would probably be to capture a tcpdump of the client connection failure and then use ssldump on LTM to decode it. You'll need to start the tcpdump before the TCP connection from the client to VIP is established so you get the initial SSL handshake in the trace. You can then use ssldump to decode it:
https://support.f5.com/kb/en-us/solutions/public/7000/800/sol7823.html
tcpdump -i 0.0 -s0 -w/var/tmp/client_cert.dmp host CLIENT_IP
ssldump -AdneN -r/var/tmp/client_cert.dmp -k/config/httpd/conf/ssl.key/server.key >/var/tmp/client_cert.txt
Aaron