services are slow as hell or even unusable via ipsec tunel with this firewall conf

so two sites , ipsec tunel between them, on site A we have service that is accessed from site B via ipsec tunel
firewall basic recommended configuration.
/ip firewall filter
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=accept chain=input comment=“defconf: accept established,related”
connection-state=established,related
add action=drop chain=input comment=“defconf: drop all from WAN”
in-interface=ether1
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack”
connection-state=established,related
add action=accept chain=forward comment=“defconf: accept established,related”
connection-state=established,related
add action=drop chain=forward comment=“defconf: drop invalid”
connection-state=invalid
add action=accept chain=forward ipsec-policy=in,ipsec
add action=drop chain=forward comment=
“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat
connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment=“defconf: masquerade”
out-interface=ether1

so while this firewall set up is in order service between A and B is not usable at all slow ass hell , it connects data seems to be going but so slow that it takes ages or seems to be not all of the data goes trough ipsec tunel

any ideas ?
Much appreciated for your help!

Disable the action=fasttrack-connection rule. If it fixes the “slow VPN” problem, read the IPsec manual one more time to learn how to disable it selectively only for traffic which needs to be matched by the IPsec policy, because otherwise you’ll have an “fast VPN but slow everything else” problem.

I have disabled fasttrack connection rule and yes it resolved vpn issues. Testing overall network and dont see any issues at all right now , ill keep monitoring this for a couple of days.