Router with few VLANs - help needed #2

You are using VLANs, which means if you blindly apply those two fasttrack rules from that "guide", then fasttrack will have no effect (because your VLAN interfaces are not bridges), and you won't be able to reach Gbps routing throughput.

Use the rules from the default firewall configuration provided by MikroTik:

The relevant parts are:

/ip firewall filter
add chain=forward action=accept ipsec-policy=in,ipsec comment="defconf: accept in ipsec policy"
add chain=forward action=accept ipsec-policy=out,ipsec comment="defconf: accept out ipsec policy"
add chain=forward action=fasttrack-connection connection-state=established,related comment="defconf: fasttrack"
add chain=forward action=accept connection-state=established,related,untracked comment="defconf: accept established,related, untracked"
add chain=forward action=drop connection-state=invalid comment="defconf: drop invalid"

Those are the rules normally placed at the top of the forward chain, before any other specific blocking rules.

Your configuration does not use mangle mark-routing/mark-packet rules, so the fasttrack rule can stay as-is without problem. IPsec exceptions are already handled by the first two rules.

If you later use mangle marking rules, try to use mark-connection on the connections that need special handling by mangling; then you can add an additional condition connection-mark=no-mark to the fasttrack rule, and it will be skipped for all connections with a connection mark. Connections requiring no mangling are still sped up. The alternative is to disable the fasttrack rule completely, which is less efficient.
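
The mark-connection approach described in the post above, written out as RouterOS commands. This is an added example, not part of the original post; the interface name vlan30 and the mark names special-conn and special-pkt are hypothetical, and it assumes the defconf fasttrack rule still carries its default comment.

```routeros
# Added example. vlan30, special-conn and special-pkt are hypothetical names.

/ip firewall mangle
# Mark the connection once, on its first packet, so the mark already exists
# when the connection becomes established and reaches the fasttrack rule.
add chain=prerouting action=mark-connection connection-state=new \
    in-interface=vlan30 new-connection-mark=special-conn passthrough=yes \
    comment="mark connections that need mangling"
# Every packet of a marked connection then receives the packet mark.
add chain=prerouting action=mark-packet connection-mark=special-conn \
    new-packet-mark=special-pkt passthrough=no \
    comment="mark packets of marked connections"

/ip firewall filter
# Before (defconf): every established/related connection is fasttracked, so
# packets of marked connections would bypass the mangle rules above.
#   add chain=forward action=fasttrack-connection \
#       connection-state=established,related comment="defconf: fasttrack"
#
# After: restrict the existing rule to connections without a connection mark.
# Unmarked traffic is still fasttracked; marked traffic falls through to the
# "accept established,related,untracked" rule and stays on the slow path.
set [find where comment="defconf: fasttrack"] connection-mark=no-mark
```

To confirm which connections are kept out of fasttrack, list them with `/ip firewall connection print where connection-mark=special-conn`.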