New Router - port 80 and 443 unable to be forwarded

1. Caddy version (caddy version):


2. How I run Caddy:

Windows service

a. System environment:

Win10Pro fully updated

b. Command:

Paste command here.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.

d. My complete Caddyfile or JSON config:

Paste config here, replacing this text.
Use `caddy fmt` to make it readable.
DO NOT REDACT anything except credentials.
Make sure the backticks stay on their own lines.

3. The problem I’m having:

I have changed broadband providers and the modem/router supplied by the new provider (Vodafone (AU)) will not allow port forwarding of 80/443, consequently I can no longer get certs from LetsEncrypt.
Is there any way I can get Caddy/LetsEncrypt to accept different ports?
I have come across the HTTPSPort directive but have no idea whether or not it will work in this instance nor how to use it in my caddy file.

thanks for any help

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

These are the massages I get from the router when trying to port forward 80/443

port 80
port 443


Nope. It’s a hard requirement for the ACME HTTP and TLS-ALPN challenges to use ports 80 and 443 respectively.

You can use the DNS challenge though, which has no port requirement, but does require you to build Caddy with the appropriate plugin for your DNS provider so that Caddy can automatically configure a DNS TXT record to prove to the ACME issuers that you control the domain.

Are you sure you can’t just set the thing to bridged mode and use your own consumer router?

Best if you reach out to your ISP for help, or ask on some community forums for your local ISP.

If the external IP address of the supplied router is a private address, your provider has placed you behind a CGNAT. You won’t be able to use port forwarding or host services in this case. Your provider may provide an option to purchase a static public IP address, but this is likely to be at an additional recurrent monthly cost.

Would a VPN help with something like this?

Another option is using CloudFlare’s argo tunnel. But I’m not the best person to explain how to use it.

This looks useful. I haven’t tried it though ngrok

This topic was automatically closed after 30 days. New replies are no longer allowed.