I’m not sure what problem you’re having, because that’s known to work (listen on high ports inside of the Caddy container, and map them to the low ports on your host).
Alternatively, you can configure Caddy to use the DNS challenge instead, which doesn’t require any particular ports to be open, but requires you to build Caddy with the appropriate plugin to solve the DNS challenge:
There are instructions for building Caddy with plugins here: Docker
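
A sketch of what the reply describes, added here as an example and not part of the original post: a custom image with a DNS challenge plugin, listening on high ports inside the container. The Cloudflare provider, the `CLOUDFLARE_API_TOKEN` variable name, ports 8080/8443 and `example.com` are assumptions chosen for illustration.

```dockerfile
# syntax=docker/dockerfile:1
# Added example. The DNS provider (Cloudflare) is an assumption; swap in the
# caddy-dns module for whichever provider hosts your zone.

# Stage 1: compile Caddy with the DNS challenge plugin using xcaddy.
FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/cloudflare

# Stage 2: copy the custom binary over the stock one in the runtime image.
FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

# Caddyfile: listen on unprivileged ports inside the container and solve the
# ACME challenge over DNS. The API token is read from the environment at
# runtime, so it is never written into an image layer.
COPY <<EOF /etc/caddy/Caddyfile
{
	http_port 8080
	https_port 8443
}

example.com {
	tls {
		dns cloudflare {env.CLOUDFLARE_API_TOKEN}
	}
	respond "ok"
}
EOF

EXPOSE 8080 8443

# Build and run (hypothetical image name), mapping low host ports to the
# high container ports and persisting issued certificates in a volume:
#   docker build -t caddy-dns .
#   docker run -p 80:8080 -p 443:8443 \
#     -e CLOUDFLARE_API_TOKEN -v caddy_data:/data caddy-dns
```

Scope the DNS API token to edit access on the single zone Caddy issues certificates for, since anyone who can read the container's environment can use it to change those DNS records.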