Assuming that you have a logging page where you can verify your user against some kind of security schema, do the following:

Once you have verified your user, you can set a session variable such as Session("loggedon") = "Y". Then insert the following code at the top of every page you want to create.

<%
    if session("loggedon") <> "Y" then
        Response.redirect "yourloginpage.asp"
    end if
%>


Better yet, you can create an include file and include it on every page you want to protect. This way if the code needs to change, you only need to change it in one place.