Yesterday’s Guardian Technology reported the PRC has deployed VPN-blocking technology as part of its Great Firewall. Apart from an alleged email from VPN firm Astrill, there’s no evidence of this, but something is happening. Initially it was those using corporate networks that reported the problem back in May 2011, while the home users were largely unaffected. This could well have been a strategy to compile a list of non-corporate VPN users.
I believe the PRC has merely applied their existing IP address blacklist to known VPN providers, rather than using a protocol-based filter, and that a given VPN service will remain reachable until it’s discovered. In other words, someone at the border gateway is searching for VPN providers and manually blocking them. The real test of this is whether VPN gateways within China, where TCP scanning is distributed across regional data centres, are reachable.