As there are messages about fragmentation
May 22 08:33:52 08:33:52.477285:CID-0:RT:packet need to be fragged. ip len 1460, max_ip_len 1452
I would start with adjusting tcp mss on both ends
#set security flow tcp-mss ipsec-vpn mss 1350
If you want to be more precise with the value you can use IPSec Overhead Calculator
https://cway.cisco.com/tools/ipsec-overhead-calc/