Here:
<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*"/>
</authorization>
</system.web>
</configuration>
The <deny users="?"/>
will deny anonymous users while <allow users="*"/>
will allow all authenticated users
reference : Setting authorization rules for a particular page or folder in web.config