We currently have a branch office (BO) router with ptp connection to headquarters (HQ). There is no firewall connecting router to LAN. We are now providing dedicated Internet access to BO, with a ASA firewall between the BO router and LAN. We have digital phone service with Priority Queuing for voice on the old branch office router. Should the Priority Queuing statements be now implemented in the ASA firewall or on the new router?
If I understand the setup correctly then I would mark the voice packets at the e0 interface (input) of the BO router. Also apply the policy-map to the output of the s1 on the router.
Ideally, I would mark them at the LAN switch's layer 3 interface then prioritize them at the BO router but it is really no big deal as the odds of latency in a LAN environment are fairly slim.