I presume that your problem is related to the authentication phase.
Ones the client is connected, it's IP and MAC is loaded in one of the first tables in ipfw see https://doc.pfsense.org/index.php/Captive_Portal_Troubleshooting - remember : 2.4.x : no more "-x" parameter)

When you look at the ipfw rules and tables, and /etc/inc/captiveportal.inc (where the rules are created and injected into ipfw) it is easy to create somewhere in the middle a pass-all rule. Put one in, and see if the "load" problem still exists. If so : it's not the portal or pfsense but your routing capabilities, it's time tu upgrade the hardware.
If the problem is the authentication phase, or, more precis : the web server that handles the login pages, the creation of the rules into the tables, and the housekeeping of a mini database - 2 of them (the 'nasty' PHP build-in SQLITE which tends to create a huge file that tends be be read and written often - you better have some fast media or put it into RAM) you should look up the several threads in this forum that talk about heavy load portals - have read about some installations that have several thousands of clients at the same moment.

Also : do not set the soft and hard time out to low : tat means people have to re-log again more often.

Btw : I presume you have some PHP knowledge (accessible ones one can read - it worlds most simple language, only basic was more ….) and have some global "system" knowledge about things like "ipfw" (all the doc is on the net already).
You want to tune your system, which is ok of course, so, the question is : are you a tuner ? If not, have it tune ;)

See my reply not as a "do this and you will be fine", more as a "I would take these steps to see where the bottle neck is".

Btw : you are running VLAN's over what ? one 1GB interface ? 100 Mbit interface ?
Think about ditching VLAN and take real physical LAN's (1 Gb does NOT take 1 Giga bit per second, it will be far less ...)

Can you give some numbers ?