IIS security

I have a website (host.domain.com, NOT the root web) that I want people to be able to connect to internally without typing in a password. But, I also want it secure so that people from the outside can’t access it without NTFS credentials. I have NT security enabled in the IIS permissions and the domain users have access via the folder’s NTFS permissions, but I still get prompted for the login credentials regardless of whether or not we are connecting through the internal network.