Any visitor whose IP address is in the list of address specified in the white listing area for the login protection will by-pass all login protection scanning.

So, there will be no check for that the user is two-factor authenticated for example.  They wont be subject to anything on this section on the firewall plugin.

Note: If you want to manage whitelisted and blacklisted IP addresses, you can use the IP Lists Management tool. Read more about this here.