Security can be applied on many levels. For example:
If you open the forum page with a microflow, make sure to check the allowed roles for that microflow.
If you open the page directly, make sure to check the allowed roles for that page.
If the forum is in it's own module make sure that in Project Security under User Roles, for every role you have, you select the module roles that apply to that user role.