Hi Perry,
UNC paths for website root folders are untested and may not work.
If you are on v4 you can use the built-in http challenge server to avoid having to provide IIS configuration (it temporarily sits in the http pipeline before IIS) but you still need port 80 open.
Note if you were using a shared volume to try to load balance/web farm validation responses this is a more complex problem and is not currently supported.