I played around with the web.config and got the following to work. Basically instead of putting the elmah.axd HttpHandler in the general system.web, add it specifically in the system.web of your “admin” path location.
<location path="admin">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD" path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>