given the brief info, I can only offer a guess at what might be wrong. The Web.config content settings influences behaviour.
If the anti forgorgery token is an SSL (Https) only cookie, and you connect to the website using HTTP only, the cookie is not sent. ( secure cookies not allowed on HTTP)
The receiving controller or controller actions marked to check the anti forgery token then fail. AS teh browser doesnt have a cookie to send.
Check browser accepts cookies and that HTTPs is being used.