Please add the following to your web.config, since that is what is needed to allow anonymous access.
<security>
<security>
<authentication>
<windowsAuthentication enabled="false" />
__<anonymousAuthentication enabled="true" />__
</authentication>
</security>