Site to Site VPN

I don’t know how the embedded L2TP/IPsec client of iOS behaves in terms of routing, but otherwise it is yet another L2TP/IPsec client of your server.

So basically he should be able to connect once you enable the encryption and authentication algorithms required by the iOS client in the default peer profile and default proposal on the Mikrotik (the ipsec log on the Mikrotik will help you here, telling you which algorithms the initiator offers), and it depends on the settings available in iOS whether it is only possible to redirect all traffic via the VPN, or whether you can only use one of the private subnets in the old-fashioned classes like on Windows (where a route to 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 is automatically set via the L2TP tunnel depending on which subnet the address assigned to the client fits into), or whether you can configure destination subnets of your choice.

Mikrotik currently prefers IKEv2 (but currently only with a machine certificate) to L2TP, and supports both the mode-config and the DHCPINFORM way of pushing routes to the client on IKEv2, but no support of DHCPINFORM for L2TP has been announced. I have no idea whether iOS could use it, though.

And, not to be forgotten, if using L2TP/IPsec, the iOS user MUST NOT connect from the LAN of sites which are the HO’s L2TP/IPsec clients themselves, as it would cause trouble. Detailed explanation and solution available here.
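
The Windows-style automatic route described above can be checked against a site plan before handing out addresses. This is an added example, not part of the original post: it picks the private range that contains the address assigned to the client and reports which site subnets that route would carry through the tunnel. The site subnets and client addresses are constructed, and it assumes no other routes are configured on the client.

```python
import ipaddress

# The three private ranges named in the post; the route installed via the
# tunnel is the one that contains the address assigned to the client.
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def auto_route(assigned_ip):
    """Return the range routed via the tunnel for this address, or None."""
    addr = ipaddress.ip_address(assigned_ip)
    for net in PRIVATE_RANGES:
        if addr in net:
            return net
    return None


def coverage(assigned_ip, site_subnets):
    """Map each site subnet to True if the automatic route contains it."""
    route = auto_route(assigned_ip)
    result = {}
    for s in site_subnets:
        subnet = ipaddress.ip_network(s)
        result[s] = route is not None and subnet.subnet_of(route)
    return result


# Constructed sample: one HO LAN and two branch LANs (hypothetical addressing).
SITES = ["192.168.10.0/24", "192.168.20.0/24", "10.20.0.0/16"]

if __name__ == "__main__":
    # Constructed client addresses, one per case: inside 192.168/16,
    # inside 10/8, and outside all three private ranges.
    for ip in ("192.168.99.10", "10.255.0.2", "100.64.0.5"):
        print(ip, "->", auto_route(ip))
        for subnet, via_tunnel in coverage(ip, SITES).items():
            print("   ", subnet, "via tunnel" if via_tunnel else "NOT via tunnel")
```

A subnet reported as not going via the tunnel leaves the client by its normal default route, so an address pool in 192.168.0.0/16 would not give this client a path to a 10.20.0.0/16 site.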