diff --git a/test/ingress/conformance/tests/httproute-whitelist-source-range.go b/test/ingress/conformance/tests/httproute-whitelist-source-range.go
new file mode 100644
index 000000000..2990aeff7
--- /dev/null
+++ b/test/ingress/conformance/tests/httproute-whitelist-source-range.go
@@ -0,0 +1,76 @@
+// Copyright (c) 2022 Alibaba Group Holding Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package tests
+
+import (
+ "testing"
+
+ "github.com/alibaba/higress/test/ingress/conformance/utils/http"
+ "github.com/alibaba/higress/test/ingress/conformance/utils/suite"
+)
+
+func init() {
+ HigressConformanceTests = append(HigressConformanceTests, HTTPRouteWhitelistSourceRange)
+}
+
+var HTTPRouteWhitelistSourceRange = suite.ConformanceTest{
+ ShortName: "HTTPRouteWhitelistSourceRange",
+ Description: "A single Ingress in the higress-conformance-infra namespace demonstrates ip access control",
+ Manifests: []string{"tests/httproute-whitelist-source-range.yaml"},
+ Test: func(t *testing.T, suite *suite.ConformanceTestSuite) {
+ testcases := []http.Assertion{
+ {
+ Meta: http.AssertionMeta{
+ TargetBackend: "infra-backend-v1",
+ TargetNamespace: "higress-conformance-infra",
+ },
+ Request: http.AssertionRequest{
+ ActualRequest: http.Request{
+ Path: "/foo",
+ Host: "foo.com",
+ },
+ },
+ Response: http.AssertionResponse{
+ ExpectedResponse: http.Response{
+ StatusCode: 403,
+ },
+ },
+ },
+ {
+ Meta: http.AssertionMeta{
+ TargetBackend: "infra-backend-v1",
+ TargetNamespace: "higress-conformance-infra",
+ },
+ Request: http.AssertionRequest{
+ ActualRequest: http.Request{
+ Path: "/bar",
+ Host: "bar.com",
+ },
+ },
+ Response: http.AssertionResponse{
+ ExpectedResponse: http.Response{
+ StatusCode: 200,
+ },
+ },
+ },
+ }
+
+ t.Run("HTTP request should reach infra-backend with different hostname", func(t *testing.T) {
+ for _, testcase := range testcases {
+ http.MakeRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, suite.GatewayAddress, testcase)
+ }
+ })
+ },
+}
diff --git a/test/ingress/conformance/tests/httproute-whitelist-source-range.yaml b/test/ingress/conformance/tests/httproute-whitelist-source-range.yaml
new file mode 100644
index 000000000..8fb9fbccf
--- /dev/null
+++ b/test/ingress/conformance/tests/httproute-whitelist-source-range.yaml
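Review bot: In httproute-whitelist-source-range.go the subtest name `HTTP request should reach infra-backend with different hostname` does not describe an access-control check, and it is wrong for the first case, which expects a 403 and therefore must not reach the backend. Both cases also run inside that one `t.Run`, so a failure does not say whether the deny path or the allow path regressed. Give each case its own subtest named for the outcome, for example `t.Run("client outside whitelist-source-range gets 403", ...)` and `t.Run("client allowed by whitelist-source-range gets 200", ...)`. The 403 case still sets `TargetBackend` and `TargetNamespace`; whether the helper ignores them on a non-200 response is not visible in this hunk, so a comment such as `// denied at the gateway; backend fields are not expected to be matched` would make the intent explicit.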
@@ -0,0 +1,55 @@
+# Copyright (c) 2022 Alibaba Group Holding Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: higress-conformance-infra-ip-not-in-whitelist-test
+ namespace: higress-conformance-infra
+ annotations:
+ nginx.ingress.kubernetes.io/whitelist-source-range: "1.1.1.1"
+spec:
+ ingressClassName: higress
+ rules:
+ - host: "foo.com"
+ http:
+ paths:
+ - pathType: Prefix
+ path: "/foo"
+ backend:
+ service:
+ name: infra-backend-v1
+ port:
+ number: 8080
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: higress-conformance-infra-ip-in-whitelist-test
+ namespace: higress-conformance-infra
+ annotations:
+ nginx.ingress.kubernetes.io/whitelist-source-range: "*"
+spec:
+ ingressClassName: higress
+ rules:
+ - host: "bar.com"
+ http:
+ paths:
+ - pathType: Prefix
+ path: "/bar"
+ backend:
+ service:
+ name: infra-backend-v1
+ port:
+ number: 8080
diff --git a/test/ingress/e2e_test.go b/test/ingress/e2e_test.go
index 3c61b03e3..9a2482e72 100644
--- a/test/ingress/e2e_test.go
+++ b/test/ingress/e2e_test.go
@@ -65,6 +65,7 @@ func TestHigressConformanceTests(t *testing.T) {
 tests.HTTPRoutePermanentRedirect,
 tests.HTTPRoutePermanentRedirectCode,
 tests.HTTPRouteTemporalRedirect,
+ tests.HTTPRouteWhitelistSourceRange,
 }
 cSuite.Run(t, higressTests)
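Review bot: In httproute-whitelist-source-range.yaml the allow case is `whitelist-source-range: "*"`, so neither Ingress exercises a range that actually contains the test client, and a gateway that denied every non-wildcard value would still pass both assertions. The nginx annotation is documented as a comma-separated list of CIDRs, so add a third Ingress with a CIDR-form value that covers the client (for example `"0.0.0.0/0"`, or a list such as `"192.0.2.0/24,0.0.0.0/0"`) and expect 200 for it. For the deny case a documentation address such as `"192.0.2.1/32"` (RFC 5737) makes it plain that the entry is a placeholder that can never match, which `"1.1.1.1"` does not. The manifests also leave open which address the filter evaluates, the connection peer or a forwarded-for header; a comment stating the intended source would help anyone relying on this annotation as an access control.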