I think on your "LogOut" button event, you need to clear session that is
Session.Clear();
Session.Abandon();
Response.Redirect("logout.html");
Once you click this button you session is gone.
Now add code on the pageload of the common control to check if the session is active or gone as below
if(Session["username"] == null)
{
Response.Redirect("login.aspx");
}
This is the most general way logout is handled. And it should serve your purpose unless I have misunderstood your requirement.
Hoep that helps. If it does, mark as answer/upvote.
Milind