</system.serviceModel>
This behaviour will log the security related events to the event log of the service and can be viewed in the events viewer of the server, not the client.
Below is an example of such an audit. In the first image it is clearly visible that the user that is connecting is using impersonation and trying to logon using an anonymous user which explains why he is being refused access to the service.
In the next slide you can see the user connecting using the correct security settings.