
871 router, EZvpn and VoIP QOS

jkeeffe
Level 2

We're deploying 871 routers to remote teleusers who will also have an IP phone, and a cable modem to connect them to the Internet. We will be configuring IPsec VPNs for their connectivity back to our corporate site to a 3030 concentrator.

Are we able to use the 871 EZvpn client config and still use QOS for voice, or must we configure the 871 the normal lan-to-lan way?

Using EZvpn I don't see how to add the "qos pre-classify" which is necessary to prioritize voice once it has been wrapped in an IPsec header?

Am I correct in thinking that we cannot use EZvpn?

3 Replies

hadbihas
Level 1

You should be able to use EZvpn along with QOS for VoIP... I have been using it for a while and it works just fine. Here is a sample config: This is a 12.4.9T IOS, so pay attention to the "DNS view"... it gets downloaded from the 3030 but I still modify it to use the router itself as a DNS forwarder (or you can also use split DNS):

crypto isakmp enable
crypto isakmp xauth timeout 60
!
crypto ipsec client ezvpn EZVPNClient
 connect auto
 group [*VPNGROUPNAME1*] key 0 [*VPNGROUPPASSWORD1*]
 mode network-extension
 peer [*VPNPEERIPADDRESS1*] default
 peer [*VPNPEERIPADDRESS2*]
 xauth userid mode interactive
!
ip dns view ezvpn-internal-view
 logging
 domain list ******.****.com
 domain name-server [*NAMESERVER1*]
 domain name-server [*NAMESERVER2*]
 domain name-server interface Loopback1
 dns forwarding source-interface Loopback1
!
ip dns view-list ezvpn-internal-view
 view ezvpn-internal-view 1
!
ip host my-router 192.168.1.254
ip host view ezvpn-internal-view my-router 192.168.1.254
!
ip domain list ****.*****.com
ip name-server [*NAMESERVER1*] [*NAMESERVER2*]
ip domain lookup source-interface Loopback1
!
ip dhcp pool Local
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.254
 dns-server 192.168.1.254
 option 150 ip ***.***.***.****
 lease 0 0 3
!
! Classify on DSCP markings: EF for voice media (RTP), AF31 for call signaling
class-map match-all VOIP-SIG
 match ip dscp af31
class-map match-all VOIP-RTP
 match ip dscp ef
!
! priority and bandwidth values are in kbps
policy-map QOS-POLICY
 class VOIP-RTP
  priority 30
 class VOIP-SIG
  bandwidth 8
 class class-default
  fair-queue
!
! EZVPN inside interface
interface Loopback1
 ip address [*10.XXX.XXX.254*] 255.255.255.0
 crypto ipsec client ezvpn EZVPNClient inside
!
interface FastEthernet0
 no cdp enable
 no shutdown
!
interface FastEthernet1
 no cdp enable
 no shutdown
!
interface FastEthernet2
 no cdp enable
 no shutdown
!
interface FastEthernet3
 no cdp enable
 no shutdown
!
! Outside interface: the EZVPN tunnel and the outbound QoS policy are both applied here
interface FastEthernet4
 ip address dhcp
 crypto ipsec client ezvpn EZVPNClient
 no ip redirects
 no ip proxy-arp
 no ip directed-broadcast
 service-policy output QOS-POLICY
 duplex auto
 speed auto
 no cdp enable
!
interface Vlan1
 ip address 192.168.1.254 255.255.255.0
 ip dns view-group ezvpn-internal-view
 no ip redirects
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 no ip mroute-cache
 no cdp enable
!
ip nat inside source static network 192.168.1.0 [*10.XXX.XXX.0*] /24 extendable
ip route 0.0.0.0 0.0.0.0 dhcp
!

Ihab

Thanks - this really helps. Would you explain the dns view statements? You're right, the 3030 pushed down two of these statements, both of which are the same except one ends with a '\'.

Also I notice that you don't do any traffic shaping. Have you not found a need to do that?

AFAIK you don't need the qos pre-classify feature when you just prioritize voice, as the ToS IP precedence works well, being copied to the outer ToS field in tunnel mode. Just ensure you use tunnel mode.
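
The ToS copy described in the last reply, as an added example that is not part of the thread or of any poster's configuration: a small Python model of tunnel-mode ESP encapsulation showing why DSCP-based class-maps such as VOIP-RTP and VOIP-SIG still match on the outside interface, while a match on UDP ports would not. The addresses, ports, SPI and the XOR stand-in for encryption are constructed assumptions.

```python
import struct

# DSCP values matched by the class-maps in the posted config (ef, af31)
DSCP_EF, DSCP_AF31 = 46, 26
PROTO_UDP, PROTO_ESP = 17, 50

def ipv4_header(src, dst, proto, dscp, payload_len):
    """Build a minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    tos = dscp << 2                      # DSCP is the top 6 bits of the ToS byte
    addr = lambda a: bytes(int(o) for o in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + payload_len,
                       0, 0, 64, proto, 0, addr(src), addr(dst))

def make_udp(src, dst, dport, dscp):
    """Cleartext LAN packet: IPv4 + UDP + 12 bytes of dummy payload."""
    udp = struct.pack("!HHHH", 40000, dport, 8 + 12, 0) + b"\x00" * 12
    return ipv4_header(src, dst, PROTO_UDP, dscp, len(udp)) + udp

def esp_tunnel_encapsulate(inner, tunnel_src, tunnel_dst):
    """Model tunnel-mode ESP: the inner packet becomes opaque payload and the
    inner ToS byte is copied to the new outer header. The XOR is a stand-in
    for encryption, only to make the inner bytes unreadable to a classifier."""
    inner_dscp = inner[1] >> 2
    opaque = bytes(b ^ 0xA5 for b in inner)
    esp = struct.pack("!II", 0x1001, 1) + opaque   # constructed SPI, sequence 1
    return ipv4_header(tunnel_src, tunnel_dst, PROTO_ESP, inner_dscp, len(esp)) + esp

def classify_by_dscp(packet):
    """What a DSCP-based output policy sees: the outermost IP header only."""
    dscp = packet[1] >> 2
    return {DSCP_EF: "VOIP-RTP", DSCP_AF31: "VOIP-SIG"}.get(dscp, "class-default")

def udp_port_visible(packet, port):
    """A port-based match needs a cleartext UDP header right after the IP header."""
    if packet[9] != PROTO_UDP:
        return False
    return struct.unpack("!H", packet[22:24])[0] == port

# Constructed sample traffic (hypothetical hosts and tunnel endpoints)
TUNNEL = ("198.51.100.2", "203.0.113.1")
rtp = make_udp("192.168.1.10", "10.0.0.5", 16384, DSCP_EF)
sig = make_udp("192.168.1.10", "10.0.0.6", 2000, DSCP_AF31)
web = make_udp("192.168.1.20", "10.0.0.9", 8080, 0)

if __name__ == "__main__":
    for name, pkt in (("rtp", rtp), ("sig", sig), ("web", web)):
        enc = esp_tunnel_encapsulate(pkt, *TUNNEL)
        print(name, classify_by_dscp(enc), "port visible:", udp_port_visible(enc, 16384))
```

A policy that classified on ports or inner addresses instead of DSCP would see only protocol 50 on the outside interface, which is the case qos pre-classify exists for.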
