Tor stopped working (with bridge) when I was there last month. It worked for a day or two then stopped working. It didn't matter how many times I refreshed my bridges list, it just wouldn't work. Luckily I provisioned an Azure VM in Hong Kong which I could access via RDP to keep access to GMail, Facebook etc.
I've never been anywhere near the GFW but I do find OpenVPN listening on 443/tcp and a few other ports (tcp and udp) on the outside quite handy for drilling through firewalls. It supports basic auth proxies but CNTLM is in the toolbox as well. Add in NAT and a few routing entries on other hosts.
It also provides a simple way to detect a transparent MitM proxy. If OVPN fails to connect but an "unprotected" https connection gets through then the alarm bells go off and the presented SSL cert gets a serious examination. I keep a couple of thumbprints of known certs handy for this - the discipline of proper checking rather than a cursory glance at an image that the GUI throws up.
I use readily available stuff but looking into the description of how the obfs protocols work in Tor I'm impressed and rather glad that my life or liberty doesn't depend on my efforts. When I get it wrong I simply lose access to BBC iPlayer or whatever. When someone who is having to take this rather more seriously gets it wrong, they might not get a chance to repeat their mistake.
This sort of thing used to work, but doesn't anymore. The GFW is now smart enough to detect VPNs based only on the traffic they generate, not port numbers or other easily changed things. It's currently an arms race between VPN providers trying to mask their traffic and the firewall trying to uncover it, and the firewall is winning so far.
Whelp, that's pretty much it for the internet. Won't be long before many more governments are licensing and using this technology. The question is how long before supposedly 'free' governments start.
If you're in China, you might want to use Shadowsocks. The server is easy to set up on any VPS (no need for TUN/TAP), and there are clients for Android (Shadowsocks), iOS9+ (Potatso), linux and routers.
I've found plain OpenVPN over TCP or UDP stopped working a few years ago (even using remote-random to shuffle ports). PPTP mostly still works.
I haven't used other VPN protocols for a long while, and don't use commercial VPN providers, but occasionally hear from friends that they have temporarily issues (for hours or days, but not weeks).
http://conferences.sigcomm.org/imc/2015/papers/p445.pdf