I am going to provide you the answer a provided 2 days ago:
Is there any way we can put cap on per user anywhere in router, firwall or WLC?
Becuase from shared pipe, when one user sucks the bandwidth others have to say suffer.
Please guide where should i limit that per user.
I know this is an old topic, but I recently went through this with TAC.
You cannot do Per User or Per Connection rate limiting through a Cisco ASA. The attempt I made to do this with a couple of configurations are applied to interfaces so the rate limiting is on the entire connection.
There are ways to rate limit through a router and there are documents for how to do this on a 6800 series route-switch, which may be OK if using this on a core.
In my case, bittorrent traffic is a problem on my guest networks and my guests are all using wireless. You can rate limit on a per client basis on the WLC and it is rather simple. My guest SSIDs have the Bronze QoS applied to them, Silver for the common SSIDs, Gold for my corporate SSID, and Platinum for my voice SSID.
To rate-limit on the WLC from the QoS, go to Wireless / QoS / Profiles. Select the QoS profile to rate limit and adjust the Download and Upload speeds.
You can also go to WLANs / WLANs / WLANs and select the WLAN. Select the QoS tab and change the rate there. I do not remember from my TAC Case if this is applied to just the WLAN, or if it applied to the QoS policy that is applied to that WLAN.
My recommendation is apply the QoS on WLANs so that Bronze is only on your Guest network(s) and then rate limit it accordingly.