As many on this forum I've run into multiple issues trying to figure out howto make a win10 machine to auth to a mikrotik l2tp/ipsec server.
P.S. this setup allow both: android + win10 clients to auth.
"Official" Mikrotik tutorials => failed miserable
Others sources => partially success
So, after mixing all the info together:
Now, 2ndpart => after creating the vpn configuration ( enable strong algorithms) NO SHA1::
Start powershell( Administrator mode)
Set-VpnConnectionIPsecConfiguration -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -ConnectionName <name_of_vpn_connection> -DHGroup ECP256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup ECP256
..and WORKING !!