here is the switch router config.  we are using this for layer 3 connectivity.  Yes, I have tested with a single laptop.. thats how I was able to isolate to just "VLAN B"

version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
!
hostname xxx
!
boot-start-marker
boot-end-marker
!
logging monitor informational
enable secret 5 xxx
!
aaa new-model
!
!
aaa group server tacacs+ TACACS-1
 server-private xxx key 7 xxx
 ip tacacs source-interface GigabitEthernet0/0
!
aaa authentication login default group TACACS-1 line
aaa authentication enable default enable
aaa accounting exec default
 action-type start-stop
 group TACACS-1
!
aaa accounting commands 1 default
 action-type start-stop
 group TACACS-1
!
aaa accounting commands 15 default
 action-type start-stop
 group TACACS-1
!
aaa accounting network default
 action-type start-stop
 group TACACS-1
!
aaa accounting system default
 action-type start-stop
 group TACACS-1
!
!
!
!
!
!
aaa session-id common
!
!
!
memory-size iomem 25
!
no ipv6 cef
no ip source-route
no ip gratuitous-arps
ip cef
!
!
ip vrf vpn-vrf
 rd 36:36
!
!
!
no ip bootp server
no ip domain lookup
ip domain name xxx.com
ip name-server xxx
ip name-server xxx
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2911/K9 sn xxx
license accept end user agreement
license boot module c2900 technology-package securityk9
!
!
!
redundancy
!
!
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
track 1 ip sla 1 reachability
 delay down 15 up 10
!
track 2 ip sla 2 reachability
 delay down 15 up 10
!
track 3 ip sla 3 reachability
 delay down 15 up 10
!
track 4 ip sla 4 reachability
 delay down 15 up 10
!
class-map match-any Critical-Traffic-Class
 match access-group name Critical-Traffic
 match access-group name Voice-Signaling
class-map match-any xxx-Traffic-Class
 match access-group name xxx-Traffic
 match protocol telnet
 match protocol ssh
class-map match-any BGP
 match protocol bgp
class-map match-any Voice-Media-Class
 match access-group name Voice-Media
class-map match-any Scavenger
 match protocol http url "*youtube*"
 match protocol http url "*espn*"
class-map match-any COS1
 match ip dscp ef
 match access-group name RT_Media
!
!
policy-map MARK-BGP
 class BGP
  set ip dscp cs6
policy-map AVPN-QOS-MAP
 class Voice-Media-Class
    priority percent 30
  set dscp ef
 class Critical-Traffic-Class
    bandwidth remaining percent 50
  set dscp af31
  service-policy MARK-BGP
 class xxx-Traffic-Class
    bandwidth remaining percent 15
  set dscp af21
 class Scavenger
    bandwidth remaining percent 5
  set ip dscp af11
 class class-default
    bandwidth remaining percent 5
  set ip dscp default
policy-map AVPN-SHAPING
 class class-default
    shape average 4000000
  service-policy AVPN-QOS-MAP
!
!
crypto keyring dmvpn_keyring vrf vpn-vrf
  pre-shared-key address 0.0.0.0 0.0.0.0 key xxx
!
crypto isakmp policy 10
 encr aes
 authentication pre-share
crypto isakmp keepalive 60
!
!
crypto ipsec transform-set AES-SHA esp-aes esp-sha-hmac
 mode transport
!
crypto ipsec profile DMVPN
 set transform-set AES-SHA
!
!
!
!
!
!
interface Loopback0
 ip address xxx 255.255.255.255
 !
!
interface Loopback200
 description AVPN Policy Routing
 ip address xxx 255.255.255.255
 !
!
interface Loopback253
 description DMVPN Policy Routing IP
 ip address xxx 255.255.255.255
 !
!
interface Tunnel1
 description xx DMVPN
 ip address xxx 255.255.255.0
 no ip redirects
 ip mtu 1440
 ip nhrp authentication xx*dmvpn
 ip nhrp map multicast dynamic
 ip nhrp map multicast xxx
 ip nhrp map xxx xxx
 ip nhrp network-id 250
 ip nhrp holdtime 120
 ip nhrp nhs xxx
 ip nhrp shortcut
 ip tcp adjust-mss 1396
 qos pre-classify
 tunnel source GigabitEthernet0/1
 tunnel mode gre multipoint
 tunnel key 250
 tunnel vrf vpn-vrf
 tunnel protection ipsec profile DMVPN shared
 !
!
interface Tunnel2
 description xxx DMVPN
 ip address xxx 255.255.255.0
 no ip redirects
 ip mtu 1440
 ip nhrp authentication xx*dmvpn
 ip nhrp map multicast dynamic
 ip nhrp map multicast xxx
 ip nhrp map xxx xxx
 ip nhrp network-id 251
 ip nhrp holdtime 120
 ip nhrp nhs 10.100.251.1
 ip nhrp shortcut
 ip tcp adjust-mss 1396
 qos pre-classify
 tunnel source GigabitEthernet0/1
 tunnel mode gre multipoint
 tunnel key 251
 tunnel vrf vpn-vrf
 tunnel protection ipsec profile DMVPN shared
 !
!
interface GigabitEthernet0/0
 ip address xxx 255.255.255.0
 ip flow egress
 ip policy route-map POLICY-ROUTING
 duplex auto
 speed auto
 !
!
interface GigabitEthernet0/1
 description ** Internet Windstream 50M  **
 bandwidth 50000
 ip vrf forwarding vpn-vrf
 ip address xxx 255.255.255.252
 ip access-group internet-in in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
 no mop enabled
 !
!
interface GigabitEthernet0/2
 no ip address
 duplex full
 speed 100
 !
 max-reserved-bandwidth 100
!
interface GigabitEthernet0/2.947
 description ** AT&T AVPN 4M **
 bandwidth 4000
 encapsulation dot1Q 947
 ip address xxx 255.255.255.252
 service-policy output AVPN-SHAPING
!
!
router eigrp 100
 distribute-list route-map EIGRP->DMVPN out Tunnel1
 distribute-list route-map EIGRP->DMVPN out Tunnel2
 network xxx 0.0.0.0
 network xxx 0.0.0.0
 network xxx 0.0.0.0
 network xxx 0.0.0.0
 network xxx
 network xxx
 network xxx
 network xxx
 redistribute eigrp 1 metric 100 10 255 1 1500
 passive-interface default
 no passive-interface Tunnel1
 no passive-interface Tunnel2
 eigrp router-id xxx
!
!
router eigrp 1
 network xxx 0.0.0.0
 passive-interface default
 no passive-interface GigabitEthernet0/0
!
router bgp 65036
 bgp router-id 10.0.36.1
 bgp log-neighbor-changes
 neighbor xxx remote-as 13979
 neighbor xxx description AT&T AVPN
 !
 address-family ipv4
  no synchronization
  network xxx mask 255.255.255.255
  network xxx mask 255.255.255.255
  network xxx
  network xxx
  network xxx
  network xxx
  neighbor xxx activate
  neighbor xxx soft-reconfiguration inbound
  neighbor xxx route-map AVPN-IN-RM in
  neighbor xxx route-map AVPN-OUT-RM out
  no auto-summary
 exit-address-family
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip flow-top-talkers
 top 20
 sort-by bytes
!
ip route vrf vpn-vrf 0.0.0.0 0.0.0.0 xxx
!
ip access-list extended Critical-Traffic
 remark >>Critical Traffic<<
 permit ip any xxx 0.0.0.255
ip access-list extended xx-Traffic
 permit ip any xxx 0.255.255.255
 permit ip any xxx 0.0.255.255
ip access-list extended TO-DMVPN-REMOTES
 permit ip xxx 0.0.1.255 192.168.0.0 0.0.255.255
 permit ip xxx0.0.1.255 192.168.0.0 0.0.255.255
ip access-list extended Voice-Media
 remark >> Avaya RTP Traffic <<
 permit udp any range 2048 5999 any range 2048 5999
 remark >> IPT RTP Traffic <<
 permit udp any range 16384 32767 any range 16384 32767
ip access-list extended Voice-Signaling
 remark >> permit Avaya & H.323 <<
 permit tcp any eq 1720 any
 permit tcp any any eq 1720
 permit tcp any eq 1719 any
 permit tcp any any eq 1719
ip access-list extended internet-in
 permit icmp host xxx any echo
 permit gre any any
 permit esp any any
 permit udp any any eq isakmp
 permit udp any any eq non500-isakmp
 permit tcp host xxx any eq 22
 permit tcp host xxx any eq 22
 deny   ip any any
!
!
ip prefix-list AVPN-IN seq 5 permit xxx le 32
ip prefix-list AVPN-IN seq 10 permit xxx
ip prefix-list AVPN-IN seq 15 permit xxx
ip prefix-list AVPN-IN seq 20 permit xxx
ip prefix-list AVPN-IN seq 25 permit xxx
ip prefix-list AVPN-IN seq 30 permit xxx
!
ip prefix-list AVPN-OUT seq 5 permit xxx
ip prefix-list AVPN-OUT seq 10 permit xxx
ip prefix-list AVPN-OUT seq 15 permit xxx
ip prefix-list AVPN-OUT seq 20 permit xxx
ip prefix-list AVPN-OUT seq 25 permit xxx
ip prefix-list AVPN-OUT seq 30 permit xxx
!
ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0
!
ip prefix-list Local-Nets seq 5 permit xxx
ip prefix-list Local-Nets seq 10 permit xxx
ip prefix-list Local-Nets seq 15 permit xxx
ip prefix-list Local-Nets seq 20 permit xxx
!
ip prefix-list Local-Nets->DMVPN seq 5 permit xxx
ip prefix-list Local-Nets->DMVPN seq 10 permit xxx
ip prefix-list Local-Nets->DMVPN seq 15 permit xxx
ip prefix-list Local-Nets->DMVPN seq 20 permit xxx
ip prefix-list Local-Nets->DMVPN seq 25 permit xxx
ip prefix-list Local-Nets->DMVPN seq 30 permit xxx
ip sla 1
 icmp-echo xxx source-interface Loopback200
 threshold 100
 frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 1.1.253.1 source-interface Loopback253
 threshold 100
 frequency 5
ip sla schedule 2 life forever start-time now
ip sla 3
 icmp-echo 1.1.253.2 source-interface Loopback253
 threshold 100
 frequency 5
ip sla schedule 3 life forever start-time now
ip sla 4
 icmp-echo 172.16.200.2 source-interface Loopback200
 threshold 100
 frequency 5
ip sla schedule 4 life forever start-time now
logging trap warnings
logging origin-id hostname
logging source-interface Loopback0
logging xxx
logging xxx
access-list 10 permit xxx
access-list 10 permit xxx
access-list 10 permit xxx
access-list 10 permit xxx
!
!
!
!
route-map AVPN-IN-RM deny 10
 match ip address prefix-list DEFAULT-ROUTE
!
route-map AVPN-IN-RM permit 20
 match ip address prefix-list AVPN-IN
!
route-map EIGRP->DMVPN permit 10
 match ip address prefix-list Local-Nets->DMVPN
!
route-map AVPN-OUT-RM permit 10
 match ip address prefix-list AVPN-OUT
!
route-map deny-all deny 10
!
route-map POLICY-ROUTING deny 5
 match ip address TO-DMVPN-REMOTES
!
route-map POLICY-ROUTING permit 10
 match ip address Critical-Traffic
 set ip next-hop verify-availability xxx track 1
 set ip next-hop verify-availability xxx 2 track 2
 set ip next-hop verify-availability xxx 3 track 4
!
route-map POLICY-ROUTING permit 20
 match ip address xxx-Traffic
 set ip next-hop verify-availability xxx track 2
 set ip next-hop verify-availability xxx track 3
!
route-map POLICY-ROUTING permit 30
 set ip next-hop verify-availability xxx 1 track 3
 set ip next-hop verify-availability xxx 2 track 2
!
!
snmp-server community xxx RW
snmp-server community vector RO
snmp-server trap link ietf
snmp-server location xxx
snmp-server contact xxx IM  
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps envmon
snmp-server enable traps bgp
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps frame-relay multilink bundle-mismatch
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps ipsla
snmp-server host xxx vector
!
control-plane
 !
!
banner login ^C
******************* WARNING ********************
*                                              *
* You have accessed a private computer system. *
* Unauthorized access or use of this system is *
*   strictly prohibited and may be subject to  *
*        criminal and/or civil penalties.      *
*                                              *
* Violators will be prosecuted to the fullest  *
*             extent of the law.               *
*                                              *
************************************************
************************************************
^C
!
line con 0
line aux 0
line vty 0 4
 session-timeout 15
 exec-timeout 15 0
 privilege level 15
 password 7 xxx
 transport preferred telnet
 transport input telnet ssh
 transport output telnet ssh
line vty 5 15
 session-timeout 15
 exec-timeout 15 0
 privilege level 15
 password 7 xxx
 transport preferred telnet
 transport input telnet ssh
 transport output telnet ssh
!
scheduler allocate 20000 1000
end