You can use URL Rewrite (http://www.iis.net/download/URLRewrite) for that.
Then you can drop a web.config with the contents like:
<configuration>
...
<system.webServer>
<rewrite>
<rules>
<rule name="External IP" stopProcessing="true">
<match url="site-under-construction\.htm" negate="true" />
<conditions>
<add input="{REMOTE_ADDR}" pattern="192\.168\.\d+\.\d+" ignoreCase="false" negate="true" />
<add input="{REMOTE_ADDR}" pattern="::1" ignoreCase="false" negate="true" />
<add input="{REMOTE_ADDR}" pattern="127\.0\.0\.1" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" url="/site-under-construction.htm" redirectType="Found" />
</rule>
</rules>
</rewrite>
</system.webServer>
...
</configuration>
What it basically does is to only apply this rule if the content is not already the "site-under-construction" page (to prevent infinite redirects), and only apply this if the IP-address is not coming from 192.168.XXX.XXX (and is not localhost).
Otherwise it will let them come through to whatever page they requested.
Note that this should not be use as a security mechanism since Remote Addr could be spoofed, but sounds like for your scenario it should be fine.