I have a MOSS 2007 publishing site. I successfully enabled anonymous access for Site Collection A, and could visit its welcome page as an anonymous user. I successfully enabled anonymous access for Subsite B created within that collection, and could visit its welcome page as an anonymous user. I attempted to enable anonymous access for Subsite C created under Subsite B, but I get prompted for user/password and of course get 401 UNAUTHORIZED if I don't enter a password. Subsite C uses the same custom master page as Subsite B. The master is published/approved. Subsite C uses one page layout that is also published/approved. Subsite C's welcome page is is also published/approved. Images and stylesheets are also published (and even they weren't, that would only cause broken images). The anonymous access was turned on after the sites were created, if that might make any difference. Subsite C is set to inherit from Subsite B. These are the steps I followed (taken from a blog post I found): " using the Central Administration section: •First get to your portal. Then under “My Links” look for “Central Administration” and select it. •In the Central Administration site select “Application Management” either in the Quick Launch or across the top tabs •Select “Authentication Providers” in the “Application Security” section •Click on the “Default” zone (or whatever zone you want to enable anonymous access for) •Under “Anonymous Access” click the check box to enable it and click “Save” NOTE: Make sure the “Web Application” in the menu at the top right is your portal/site and not the admin site. You can confirm that anonymous access is enabled by going back into the IIS console and checking the Directory Security properties. IN IIS7 - AUTHENTICATION IN THE IIS SECTION? ("Anonymous Authentication" there says Enabled). •Return to your sites home page and navigate to the site settings page. In MOSS, this is under Site Actions – Site Settings – Modify All Site Settings. In WSS it’s under Site Actions – Site Settings. •Under the “Users and Permissions” section click on “Advanced permissions” •On the “Settings” drop down menu (on the toolbar) select “Anonymous Access” •Select the option you want anonymous users to have (full access or documents and lists only) A couple of notes about anonymous access: •You will need to set up the 2nd part for all sites unless you have permission inheritance turned on •If you don’t see the “Anonymous Access” menu option in the “Settings” menu, it might not be turned on in Central Admin/IIS. You can manually navigate to “_layouts/setanon.aspx” if you want, but the options will be grayed out if it hasn’t been enabled in IIS •You must do both setups to enable anonymous access for users, one in IIS and the other in each site " I don't see the Settings dropdown in Subsite C's Advanced Permissions page, because it's inheriting from Subsite B. Just for kicks I broke the inheritance and enabled anonymous access that way (or noted that it was already enabled) but that didn't help. Any ideas how I can troubleshoot this? I saw someone mention using Fiddler to look at the http requests but (a) I can't get it running on Win7 32-bit, (b) even if I did I'm not sure what I would be looking for. Using Wireshark I see the request and response, but doesn't really give me any clue why. Thanks, a