"If you enable Anonymous authentication, IIS always attempts to authenticate the user with Anonymous authentication first, even if you enable additional authentication methods. If the anonymous user account does not have permission to access a specific file or resource, your Web server will not establish an anonymous connection for that resource."
Found it
here[
^].