Not quite an answer to your question, but I'm watching this thread with curiosity.
First of all, if you want to use AES you should activate it (in pfSense Advanced-Misc-Cryptographic hardware)
My very limited experience with AES-NI (I just installed the proper hardware 2 days ago and am still running tests) is that with AES crypto active and using AES-GCM128 it doesn't actually push a lot more data thorough, but it does let the CPU breath for other stuff.
In other words, before I had AES-NI the router became unresponsive during large transfers, but in the end the transfer went through through sheer CPU-power. Right now, with AES-NI, the transfer is slower (even with a much faster CPU!!!) but the router stays 100% responsive to everything (SNNP, run of the mill routing, etc) - the CPU actually hovers at 3% usage during transfer, as reported by the pfSense dashboard. It used to hit 90%+ on the older non-AES-NI hardware.
I have no idea if this is what to expect (and if so, it's disappointing, I wanted faster transfer). I don't want to hijack your thread but additional hints and tips would be welcomed and would probably help you too.