In short, after a week of torment, the installations are recognized.
So, for those who struggle with setting up L2TP over IPSec towards the Softether server, and the Mikrotik client:
Softether server - xx.xx.xx.xx - its IP,
yy.yy.yy.yy Mikrotik address (in my case, internal yy.yy .10.42)
All settings on Mikrotik:
1. created Ipsec proposal. There Sha1, 3des, aes-256 cbc, PFS Group mod1024.
2. created an Ipsec peer. There the address is xx.xx.xx.xx, port 500, pre shared key and it is entered in the field itself, exchange mode l2tp, send initial contact is NOT worth it, nat traversal is worth it (I have Mikrotik behind nat), proposal check Obey, sha1 , 3des+aes-128+aes-256, DH group NO, disable DPD. Phew.
3. the most cheerful - created Ipsec policy. There src-address yy.yy.10.42/32 (!), dest-address xx.xx.xx.xx/32, protocol udp, action encrypt, level require, ipsec protocols ESP, tunnel is NOT worth it, sa-src-ad yy.yy.10.42, sa-dst-ad xx.xx.xx.xx.
4. well, the l2tp client connection itself, only the profile must contain encryption -> require.
After everything done when trying to raise the l2tp client, the server and established in details should appear in IPSec -> remote peers, and two lines in IPSec -> Installed SAs with details of the SAs themselves and the encryption method. Softether, as it turns out, supports a lot. Both des and 3des and aes-128 cbc and aes-256 cbc.
Thank you all, take a break!

Colleague, you can at least attach a screenshot of the settings of your wonderful thing. And settings "home" of clients too.
It will be quite easy to translate into the language of Mikrotik, so that he will also join in communion .