web site configuration

Your web.config is set up properly. Further, ensure the IIS site/app is configured as:

• to NOT allow anonymous access
• forcing Integrated Windows authentication
• leave the app pool as Network Service

IIS7

• ensure you have the Windows Authentication security feature installed in Roles & Features.
• In IIS7, go to the IIS or Features View, double-click Authentication.
• On the Authentication page, select Windows Authentication
• On the Authentication page, disable Anonymous Authentication
• MSDN article

IIS6

Find the dialog below at

• Control Panel / Administrative Tools -> IIS Manager -> Right click Web site -> Properties -> Directory Security

Maybe it can be useful: I started to receive 401.2. error in .ASPX application (no changes in the app made), in protected path amd Forms auth.:

<authentication mode="Forms">...</authentication>...<location path="Admin">    <system.web>        <authorization>            <allow roles="Admin,Client" />            <deny users="*" />        </authorization>    </system.web></location>

AFTER launching of other MVC applications on same computer/IIS. It seems MVC changed something in server's config (routes, I believe). Any playing with Authentication in IIS (computer/server/site) did not help. But Next helped: I have changed Application pool from .Net 4.5 to .Net 4.5 Classic for the web application. The difference in pool Managed pipeline mode, Integrated/Classic.