AccessRights:)

if the files are located in the webfolder check accessrights on the files, if they are in a vpp, check accessrights there

Thanks Anders,

Do you mean check the folder permissions?
Or, would it be a setting in web.config/episerver.config?

if you have problem getting /test.gif check test.gif inside the webfolder, guess the IIS user dont have read access

the IISUser has got full permissions on all folders in the site.

I tried added "Everyone" also, but still have the same issue.

Example file is /templates/styles/basic.css

The folder and file all have permissions set.

Has Anonymous Authentication been enabled on the site in IIS?

Anonymous authentication is not enabled in IIS.
We have Basic Authenticaiton enabled however.

On the staging server (which this is) we require a network username/password prompt before the site is served.
This works fine on the old IIS6 box..

I've tried playing around with the Autehnicaiton settings. This has enabled me to get the site loading correctly, however, I can now not get to the logon page and CMS (I get the network prompt, but it won't accept my username/password) 

Could I ask why you are using Basic Authentication? I would assume Forms authentication would do the trick (with Anonymous Access disabled). 

Requirment of client to lockdown staging site with network login prompt. 

All their sites must do this.

Then I think you need to add the EPiServer.Security.BasicAuthentication module to the list of http modules.