/interface l2tp-server server set enabled=yes default-profile=L2TP-profile authentication=mschap2 use-ipsec=required ipsec-secret=my_password
/ip firewall filter add action=accept chain=input disabled=no src-address=10.8.18.0/24 dst-address=0.0.0.0/0 place-before=1 comment="allow all from L2TP to internet"
/ip firewall filter add chain=input comment="allow L2TP ipsec port" dst-port=500,1701,4500 protocol=udp action=accept place-before=1
/ip firewall nat add place-before=0 chain=srcnat src-address=10.8.18.0/24 ipsec-policy=out,none action=masquerade comment="MSQRD L2TP:10.8.18.0/24 --> WAN traffic" 
/ip firewall filter add chain=forward action=accept ipsec-policy=in,ipsec comment="ipsec in"
/ip firewall filter add chain=forward action=accept ipsec-policy=out,ipsec comment="ipsec out"
/ip ipsec profile set [ find default=yes ] dh-group=ecp256,modp2048,modp1024 enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha1 
/ip ipsec proposal set [ find default=yes ] auth-algorithms=sha256,sha1 enc-algorithms=aes-128-cbc,aes-192-cbc,aes-256-cbc pfs-group=none

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent]
"AssumeUDPEncapsulationContextOnSendRule"=dword:00000002

respond new phase 1 (Identity Protection): 192.168.2.2[500]<=>x.x.x.x[500]
ISAKMP-SA established 192.168.2.2[4500]-x.x.x.x[4500] spi:ab5895d42beeeafe:89096530ce8568e4
purging ISAKMP-SA 192.168.2.2[4500]<=>x.x.x.x[4500] spi=ab5895d42beeeafe:89096530ce8568e4.
ISAKMP-SA deleted 192.168.2.2[4500]-x.x.x.x[4500] spi:ab5895d42beeeafe:89096530ce8568e4 rekey:1

respond new phase 1 (Identity Protection): 192.168.2.2[500]<=>x.x.x.x[1]
ISAKMP-SA established 192.168.2.2[4500]-x.x.x.x[1024] spi:680260e4e3d72844:44d0a6a8f82bb5c8
first L2TP UDP packet received from x.x.x.x
l2tp03 logged in, 10.x.x.x