Double VPN, first one is orbot/psiphon and then your VPN.

Easy on Linux, not so easy on other platforms, especially non-rooted android or iphones

I recently had massive issues reaching my home network from hotel WiFi. I couldn’t even connect my regular VPN on their WiFi, I tried a bunch of stuff with different ports, TCP/UDP, different protocols, nothing seemed to work even for my proton VPN.

I managed to get mullvad running though, then I could connect with tailscale (with mullvad VPN still running) and then disable mullvad after tailscale connected. Tailscale then didn’t drop the connection.

Weird work around, but it was consistent.

Not sure if Wireguard over obfs4proxy is doable easily on OpenWRT yet, but it may be an option

The issue is more likely to be your port selection and UDP being discarded on networks with captive portals that generally only allow certain ports and traffic. Try using some other common UDP service ports like 53/DNS if not already in use, or maybe 5060/SIP, or even other common VPN ports.

Unless they’re running L7 hardware in the hotels, I doubt they’re doing any kind of packet inspection.

Tailscale/Headscale + DERP may work as they relay packets through a typical HTTP server. Just make sure your router has some space to download the binary - for MIPS they’re like ~60MB or something iirc.

Maybe try some TLS-based VPN? This should work almost anywhere, because it looks like a standard HTTPS connection.

Wireguard - even on port 443 - is special as it uses UDP protocol and not the more widely used TCP protocol.