If you use Visual Studio or Visual Web Developer Express, then it's quite simple. You just create a web form (if you'd like to use the default values, name it "Login.aspx"), and drop a Login control from the toolbox on it. That's the easiest way to do so.
Create a folder named MembersOnly, and some form in it any name you'd like.
To test if it's working, create another form, name it Reg.aspx, put a CreateUserWizard on it. Then open the Website menu, inside it the ASP.NET Configuration. Once it opened, goto Security, and "Select authenctication type", indside it select "From the Internet". Then click on Create access rules. inside it click on the "MembersOnly" folder, check Anonymous Users, and Deny, then save. Save your settings. Notice that the program created you a database, named ASPNETDB to your App_Data folder. It has all the basic settings to registrate, login, create roles, etc.
Now run your website, and try to enter the to MembersOnly/yourform.aspx, and you find that it automatically redirects you to your login page. Once you logged in, you can see the page.
You can change any of it's aspects (including the database itself) in the web.config.