http://wiki.mikrotik.com/wiki/OpenVPN
/ip address add address=172.16.0.1/24 interface=ether2-master-local comment=LAN
/ip pool add name=ovpn-pool ranges=172.16.0.100-172.16.0.110
/ppp profile
add change-tcp-mss=default comment="ovpn_ppp" local-address=172.16.0.3 name="ppp_ovpn_profile" only-one=default remote-address=ovpn-pool use-compression=default use-encryption=required
/ppp secret
add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name="name" password="password" routes="" service=ovpn
/interface ovpn-server server
set auth=sha1,md5 certificate=.crt_0 cipher=blowfish128,aes256,aes192,aes128 default-profile=ppp_ovpn_profile enabled=yes keepalive-timeout=disabled max-mtu=1500 mode=ip netmask=29 port=443 require-client-certificate=no
/ip firewall filter
add action=accept chain=input comment="OpenVPN" disabled=no dst-port=443 protocol=tcp
/ip address add address=172.16.0.1/24 interface=ether2-master-local comment=LAN
/ip pool add name=ovpn-pool ranges=172.16.0.100-172.16.0.110
/ppp profile
add change-tcp-mss=default comment="ovpn_ppp" local-address=172.16.0.3 name="ppp_ovpn_profile" only-one=default remote-address=ovpn-pool use-compression=default use-encryption=required
/ppp secret
add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name="name" password="password" routes="" service=ovpn
/interface ovpn-server server
set auth=sha1,md5 certificate=.crt_0 cipher=blowfish128,aes256,aes192,aes128 default-profile=ppp_ovpn_profile enabled=yes keepalive-timeout=disabled max-mtu=1500 mode=ip netmask=29 port=443 require-client-certificate=no
/ip firewall filter
add action=accept chain=input comment="OpenVPN" disabled=no dst-port=443 protocol=tcp
