I don't think Hotels specifically block client VPN (at least none that I have ever been involved with).
IPSec when running through NAT tunnels traffic through UDP ports. UDP is stateless. So the NAT device needs to be the tiniest bit smarter about handling this, because it can't tell when the sessions are finished. Most NAT UDP implementations implement an idle session timer and a max session lifetime timer. Some implementations choose stupid values for these, like a 5s idle timer (which is enough to make DNS work, but not much else). Some implement annoying max duration session times like 30 minutes.
It is in these cases that an IPSec based client VPN will fail, or only run for set periods of time before failing.
In my experience, the number of these bad NAT devices is reducing. I only tend to run into them in a small number of home domestic routers these days.
SSL VPN however uses TCP. TCP has a clear start and end of session, and can be easily tracked. SSL VPN tends to have no issues as a result.