Grandstreams don't really like the tftp:// to be specified, and default to HTTP distribution. What I've found is open both, http and TFTP distribution to the phones, then specify in the template to use the tftp. This will usually resolve the first issue.
Vlans: Don't block vlan 0 from reaching the system properly, then find the pcode for vlans (I forget what it is, sorry) and put that in the base file to fix it after first provision.