write this code to the ~/Default.aspx page instance of the master page
protected void Page_Load(object sender, EventArgs e)
{
if (Session["user"] != null && SessionProperties.IsUser)
Response.Redirect("~/Pages/Default.aspx");
}
And write this code to the master pages of the secure pages
protected void Page_Load(object sender, EventArgs e)
{
if (Session["user"] == null || !SessionProperties.IsUser)
{
Response.Redirect("~/Default.aspx");
}
}