Address object group whitelist configuration example
Network requirements
As shown in Figure 192, configure the address object group whitelist feature on the router to allow all packets from subnet 5.5.5.0/24 to pass through.
Figure 187: Network diagram
Configuration procedure
# Configure IP addresses for the interfaces on the router. (Details not shown.)
# Enable the global whitelist feature.
<Router> system-view [Router] whitelist global enable
# Create IPv4 address object group obj1. Configure an IPv4 address object with subnet 5.5.5.0/24.
[Router] object-group ip address obj1 [Router-obj-grp-ip-obj1] network subnet 5.5.5.0 24 [Router] quit
# Add IPv4 address object group obj1 to the whitelist.
[Router] whitelist object-group obj1
Verifying the configuration
# Verify that the router allows all packets from subnet 5.5.5.0/24 to pass through unless you execute the undo whitelist object-group obj1 command on the router. (Details not shown.)