I work often in China. I somehow haven’t had my WireGuard VPN back to my own home server blocked, yet. It’s pointed to a domain that also hosts some HTTPS web services so that might help.

Prior to this, pre-Covid I used to use shadowsocks hosted on a DO droplet. Shadowsocks with obfs, or a newer equivalent (v2ray w/ vmess or vless protocol) and obfs (reality seems to be the current hotness) will probably work within Indonesia given their blocking will be way less sophisticated than China. The difference here is that it’s a proxy, not a VPN, but it makes it a lot easier to obfuscate its true nature than a VPN which stands out because obfuscation isn’t in its design.

Hosting on big public VPSs can be double edged. On one hand, blocking DO or AWS is huge collateral. On the other, it’s an obvious VPN endpoint and can help identify the type of traffic as something to block.

If you have access to reddit, r/dumbclub (believe it or not) has some relatively current info but it’s pretty poor signal to noise. Scratch around there for some leads though.

Note that this stuff is all brittle as hell to set up and I usually have a nightmarish time duct-taping it all together. That’s why I’m overjoyed my WireGuard tunnel has worked whenever I’ve visited for a year now.

One other left-field option, depending on your cost appetite, is a roaming SIM. Roaming by design tunnels all data back to your own ISP before routing out so even in China roaming SIMs aren’t blocked. It’s a very handy backup if you need a clear link to ssh into a box to set up the above, for example.