A few quick things:
You're storing your passwords in plain text? Never do that.
Use parameters for your query. Look up SQL Injection.
Why are you then storing the UserID and Password returned from the database in local variables? You already have them. Also, look at having a user ID as a separate entity to the username.
Look at "Using". This will dispose of your connection, command and reader when they are finished with, without you having to explicitly do it.
MsgBox does not work on web stuff. (Unless you've got a function somewhere that is mapping MsgBox to stuff that does work)
Now that that is out of the way...
I take it you are storing the staff department in the user table? If not, do it.
Create a table, something like LogonActions(Department int, URL varchar(255))
Here's a slightly better version of your code, but it still has a lot of work that needs doing to it.
Private Sub ConnectToSQL1()
Using con As New SqlConnection, cmd As New SqlCommand
con.ConnectionString = "Data Source = (localdb)\MSSQLLocalDB; Initial Catalog = NipunDB; Integrated Security = True"
cmd.Connection = con
cmd.CommandText = "SELECT UserId, URL FROM UdeepData u, LogonActions l WHERE UserID = @UserName AND Password = @Password AND u.Department = l.Department"
Dim userFound As Boolean = False
Dim UserId As String = ""
Dim URL As String = ""
Using lrd As SqlDataReader = cmd.ExecuteReader()
Do While lrd.Read
userFound = True
UserId = lrd("UserId").ToString
URL = lrd("URL").ToString
If userFound = True Then
MsgBox("Sorry, username or password not found")
Your code has a LOT of issues in it, the redirecting to the other place should be your lowest priority concern with this at the moment.