Ugh, I hate distributed mode. I've never had good long-term success with it.
If you can't get BonCode to work for you, you can still use IIS as a reverse proxy through Application Request Routing. You'd have to use IIS and CF on your internal container in a more-or-less normal setup, then have the external IIS server reverse proxy to your internal IIS server. This would almost certainly get rid of your CF application pool errors. You'd have to set up ARR, which uses Kerberos, so you'd need an AD and use that as your Kerberos Distribution Center (KDC). AD does that by default, but Kerberos can be a pain to set up. Anyway, here's an article about using ARR in this way, which contains a link at the top that you should also read if you're trying to do this.
Dave Watts, Eidolon LLC
