>but is it possible for ISPs to block particular VPNs ?
yes, at both the network level (by blocking IP ranges belonging to VPN services) and protocol level (ie. known handshake sequences for VPN software). but both can be easily bypassed with a few google searches.
According to the OpenVPN docs, running it in static key mode makes the traffic indistinguishable from ordinary HTTPS. Regardless, my university network still manages to block it even though I use TCP mode + port 443. What gives?
Does it block it right away? If it works for a minute or two (or ten) then cuts off they might be doing more deep heuristics, but that's usually something only governments do (ex, great firewall). They also might have just blocked the IP range of your VPN because you connected to it in a different mode before and the network just remembers that.
AFAIK even in static key mode + TCP, it doesn't perfectly resemble a "normal" TLS connection. I think openvpn adds some custom headers to each packet or something. Something like stunnel + openvpn in TCP mode should look more similar to https.
yes, at both the network level (by blocking IP ranges belonging to VPN services) and protocol level (ie. known handshake sequences for VPN software). but both can be easily bypassed with a few google searches.