This issue is fallout from Blizzard’s efforts to reject evil DDOS traffic. They’re using the network packet “time to live” value to fingerprint incoming packets and reject packets that aren’t from Windows. (The DDOS seems to be coming from “internet of things” appliances like webcams and “smart” light bulbs, and those run on Linux.)
Unfortunately, their methods also reject packets from their own mobile app, since Android and IOS both have default TTL times that cause their packets to be rejected.
I have a rooted Android advice, so I applied the fix action in this thread to my phone and it connects.
However, that workaround isn’t feasible unless you have a jailbroken and rooted device, an app that opens a shell console, and a basic comfort with using a shell command to meddle with low-level network config values. 