I'm investigating an issue where I believe I've found a solution, but I have no idea why it works. Looking for some sound reasoning on the below :)
Website currently has Anonymous and Forms authentication enabled. If stuck in the Intranet zone (default settings), Windows Authentication works for domain-joined, on-network computers. If a remote computer terminates VPN, restarts, the website will no longer function.
After doing some digging, I tried enabling Windows Authentication which had the providers 1. Negotiate, and 2. NTLM. I was able to get the off-network domain-joined machines to authenticate correctly via any of the following three: Promote NTLM, Remove Negotiate, Disable Windows Authentication with NTLM as only provider. Interestingly enough, if I disable Windows Authentication with Negotiate at the top, authentication fails again.
It seems like the providers are configured in the Windows Authentication section, and that they still matter regardless of whether Windows Authentication is enabled. Am I on to something?