NoAccess web page pops up for authenticated users

Hi,

I have restricted web pages for admin to manage users in my web app.  In my web.config file, I have this:

<location path="NoAccess.aspx">
  <system.web>
    <authorization>
      <allow users="?" />
    <authorization>
  </system.web>
</location>

<location path="ManageUsers.aspx">
  <system.web>
    <authorization>
      <allow roles="Administrator">
      <deny users="*"/>
    </authorization>
  </system.web>
</location>

<location path="Default.aspx">
  <system.web>
    <authorization>
      <allow roles="Administrator, Manager, User, Temp" />
      <allow users="?" />
    </authorization>
  </system.web>
</location>

The problem is, the NoAccess web page pops up sometimes when users navigate from different Views (I'm using MultiView control and a Master Page).

My web app is in VS 2012 using VB.Net, ASP.NET technology and .NET4.5 framework.  I'm using SqlMembershipProvider.  Because the Admin is in a different county, I have to create web pages so he can add/delete users.

I also have a timeout jquery routine that starts the count down after some period of inactivity.  I wonder if there is some conflict somewhere; or is my web config wrong?

Appreciate any help.