So , in your web config make next changes :
<system.web>
<compilation debug="true" />
<authentication mode="Forms" />
<sessionstate mode="InProc" cookieless="false" timeout="1">
</sessionstate>
</system.web>
Add Global.asax class file in root of your application or website.
This method works only if Global.asax is present in application.
you can also put this code in in a class and inherit all pages of application from this class acting as base class for all pages to check for session timeout.
protected void Page_Init(object sender, EventArgs e)
{
if (Context.Session != null)
{
if (Session.IsNewSession)
{
HttpCookie newSessionIdCookie = Request.Cookies["ASP.NET_SessionId"];
if (newSessionIdCookie != null)
{
string newSessionIdCookieValue = newSessionIdCookie.Value;
if (newSessionIdCookieValue != string.Empty)
{
Response.Redirect("Login.aspx");
}
}
}
}
}