Mikrotik L2TP/IPsec for Android, iOS, Windows

The most important part is the ipsec profile, ecp256 is required for Windows. Also, the L2TP secret is not supported by iOS. 

Following is the configuration script for ROS 7.7:

/ip pool

add name=l2tp_pool ranges=192.168.100.190-192.168.100.200

/ppp profile

add name=l2tp-profile local-address=l2tp_pool remote-address=l2tp_pool

/ppp secret

add name=sclai profile=l2tp-profile service=l2tp

/ip ipsec profile

set [ find default=yes ] dh-group=ecp256,modp1024 enc-algorithm=\

    aes-256,aes-192,aes-128

/interface l2tp-server server

set authentication=mschap2 default-profile=l2tp-profile enabled=yes use-ipsec=\

    yes