Update ;
(With some guidance from the thread created at Spiceworks - read it here) I have now got the inter VLAN and relay working ( with one caveat *) . The main issue was that I was mixing and matching the VLAN interfaces on the routing hardware . The VLANS are now exist on just the switch - This is important because , the VLAN Relay will only work when on the device where the VLANS are created .
The SG300 switch does not care about additional IP addresses of the Router, so having one IP for the tomato is sufficient . It just needs to know its upstream gateway route . I removed the additional IP interfaces from the tomato , added interfaces to the switch , and removed the Trunk between the router and the Cisco SG300 switch.
So now the Router has one IP address ( 10.10.0.1) and routes packets to the sg300 switch IP ( 10.10.0.5)
Add route 10.10.4.0 (VLAN 4) next hop 10.10.0.5 ( switch )
Add route 10.10.3.0 (VLAN 3) next hop 10.10.0.5 (switch )
I understand now , I should let the Switch do the InterVlan routing , which does work automatically . I am now able to IP addresses from the Win2016 server on both VLAN Scopes ( VLAN 3 and VLAN 4 ) - Just one issue now :
* I am now unable to get internet on the VLANS