A 3005 does not really support qos, especially per flow like you need to properly prioritize the voip traffic.

However, since the 3005 is probably not the location that is bandwidth constrained (it better had not be) you can prioritize the traffic at the spoke (the 831).

On the 831 use the basic mqc (modular qos command line) to mark on the way into each interface, and use llq on the way out)

so on f0/0 of the router you mark such as

class-map voice_mark

match protocol rtp

(or match access-group XXX) if your voip application just uses a bunch of specific udp ports, etc)

policy-map qosmarking

class voice_mark

set dscp ef

class-map voice1

match dscp ef

policy-map qosaction

class voice1

!here you need to determine how much of your wan

!will voice get to "OWN". After this level, the

!packets will be policed in this config, becareful

priority 384

class class-default

fair-queue

int f0/0

!prevent crypto from hiding markings, etc

!if you have a tunnel0 interface use there

!if the tunnel interface is used for vpn

qos pre-classify

ip nbar protocol-discovery

service-policy input qosmarking

int s0/0

service-policy output qosaction

Now do the same thing for the inbound, only since vpn traffic is coming from the 3005 you cant really go by markings, as the 3005 wont mark traffic that way... You just need to make an egress policy on f0/0 to boost voice and limit everything else... so using incoming ip source of 3005 network's voip server is bests...

! 1.1.1.1 is the voip host in the 3005 side of the

! tunnel

access-list 101 permit ip host 1.1.1.1 any

class-map incoming_voip

match access-group 101

policy-map incoming_traffic

class incoming_voip

priority 384

class class-default

fair-queue

int f0/0

service-policy output incoming_traffic

ENJOY!

and RATE POSTS!