I recently had a nasty issue getting Windows Authentication to work on a local instance of IIS 7.5 (Windows 7 Pro) to an ASP.net 4.0 site. I followed the basic steps.
<authentication mode="Windows" />
The issue here is that modern versions of Windows (Windows XP SP2, Windows Server 2003 SP1 and up) include a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name.
This can be resolved by either explicitly specifying host names or by disabling the loopback check. Obviously the former being the more controlled approach.
Full details of how do to this can be found on MSDN: 896861
Hope this helps someone out. If you have any alternate suggestions or improvements please add.