Ok, so either way your current configuration is apparently not allowing external traffic to connect to port 80. Check your VM hosting network settings.
You also cannot use geographic IP filtering with Let’s Encrypt http validation because they validate from a range of different geographic locations.