The problem is some routers have been configure to block most protocols except TCP taffic.
In this case you may want to tunnel packets inside the SSL stream over TCP. An example, this method is used in http://www.projectloki.com VPN solution.
I do realize that using a common protocol like IPSEC may get me through the router, but it may confuse traffic as well. My encryption solution is disruptive and does not fall into the normal encryption schema.
Why not to use GRE tunneling then? Routers usually pass GRE and even may NAT if you use extended GRE header.