That's actually not allowed under GDPR. You can't deny access to a website based on whether a user accepted non-essential tracking.