If it can help you, you should know that they test everything over a VPN that doesn’t support UDP. So if your app makes use of UDP you’ll need a fallback method.
UDP is fine. We have apps on the App Store that use UDP. This is likely a NAT-related issue. That is not going to be an issue just for App Store review, but also for tons of other networks out there. Lately, carrier-grade NAT deployments are very common.
It's usually impossible to establish a two-way UDP "connection" between two peers that are both behind NAT.
This varies depending on the type of NAT. If just one peer is behind NAT you can typically establish the "connection" using NAT hole punching. If both peers are behind NAT you may need to proxy the UDP packets using an intermediary server.
There are protocols for hole punching, such as ICE (https://tools.ietf.org/html/rfc8445), but you can also roll your own - if you control all endpoints.
"Connection" in quotation marks because UDP is a connection-less protocol, but the NAT port mappings that are established are sometimes referred to as a connection.
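
An added example, not code from anyone in this thread: a client that checks whether UDP actually works end to end on the current network and falls back to a relayed transport when it does not. The probe format, the function names and the `tcp-relay` label are assumptions, and the loopback responder is constructed for the demo.

```python
import os
import socket
import threading

def udp_probe(addr, retries=3, timeout=0.3):
    """Return True if addr echoes our nonce back over UDP."""
    nonce = os.urandom(16)  # unpredictable, so stray or spoofed datagrams are ignored
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        for _ in range(retries):  # UDP is lossy: retransmit before giving up
            s.sendto(b"PROBE" + nonce, addr)
            try:
                while True:
                    data, src = s.recvfrom(64)
                    # Accept only the expected peer echoing this exact nonce.
                    if src == addr and data == b"REPLY" + nonce:
                        return True
            except socket.timeout:
                continue
    return False

def choose_transport(udp_addr):
    """Use UDP when the round trip works, otherwise the relayed fallback."""
    return "udp" if udp_probe(udp_addr) else "tcp-relay"

def start_responder(reply=True):
    """Constructed loopback peer; reply=False simulates a path that drops UDP."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port

    def serve():
        while True:
            try:
                data, src = sock.recvfrom(64)
            except OSError:  # socket closed
                return
            if reply and data.startswith(b"PROBE"):
                sock.sendto(b"REPLY" + data[5:], src)

    threading.Thread(target=serve, daemon=True).start()
    return sock

if __name__ == "__main__":
    working = start_responder(reply=True)
    blocked = start_responder(reply=False)
    print("working path:", choose_transport(working.getsockname()))
    print("blocked path:", choose_transport(blocked.getsockname()))
```
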