Ok, I hava CRS on dynamic IP in my house. I have been reading up trying to figure out which is the "best "solution to be able to VPN to home from Windows/OSX/iPhone/Android (Yeah.. we sorta use 'em all, and none of the mobile devices are rooted/jailbroken… 
)
I have not been able to find a guide for L2TP/IPsec on dynamic endpoint. Other options?
Hints?
OpenVPN is a great tunnel. And easily configurable!
If you want to “rule them all” you have actually one good choice - OpenVPN.
For iOS you can use official free app: https://itunes.apple.com/us/app/openvpn-connect/id590379981?mt=8 (it looks horrible but works flawless).
If you want to run OpenVPN on OSX without pain and hours of digging buy Viscosity - https://www.sparklabs.com/viscosity/ - it’s cheap ($9) and works after few clicks.
Quite honestly, I found OpenVPN a pain to get it up and running on the router, so I opted for a simpler solution with L2TP which I found trivial to configure.
OpenVPN would be a lot better and I will revisit it some day, but as I rarely need a VPN back to my home, I have not really spent too much time on it.
If you want to run OpenVPN on OSX, Tunnelblick is the way to go imho.
This is a good guide with client configurations
Mikrotik L2TP with IPsec for mobile clients
http://www.firstdigest.com/2015/01/mikrotik-l2tp-with-ipsec-for-mobile-clients/
I got caught when I didn’t read one of the first steps "please make sure that your Mikrotik build-in firewall is configured in such way that it can accept packets on the WAN interface. "
So added this firewall rule and then was successfully connecting.
add chain=input comment="VPN port allow" port=1701,500,4500 protocol=udp
Actually OpenVPN configuration is only a pain for the first time - next time is obvious and takes 5 minutes 
It is not so easy :-/. Mine is not working as it should. I have a lot of dropped packets.
im agree with you, there is some kind of fanaticism for open-vpn, use the vpn you wish
in mi case im happy with iPiP over iPSEC