Don't forget to set roles="*" in the root node as explained from the following extracted from http://msdn.microsoft.com/en-us/library/ms178428.aspx
It is recommended that the root node in a site map allow everyone access. To do this, set the roles attribute to an asterisk (*), or wildcard character, as shown in the following code example.
<?xml version="1.0" encoding="utf-8" ?>
<siteMapNode title="Home" description="Home"
<!-- other <siteMapNode> elements -->
In a site map, you can reference URLs that are outside of your Web application. Access to a URL outside of the application cannot be tested by ASP.NET. Therefore, if you enable security trimming, the site-map node will not be visible unless you set the roles attribute to an asterisk (*), which enables all clients to view the site-map node without first testing access to the URL.