Restricted Advance Shell - examples of challenges

How am I supposed to change WAN configuration in console without Advanced Shell? Many cloud providers (hetzner, Ionos Cloud, Linode, Lansol, just to name a few) will deploy only /32 ip addresses to the WAN port. As a consequence, there will be no default route on XG. Previously, I was able to help myself by configuring ip route add default manually via advanced shell and enabling system appliance_access via CLI to gain temporary access to WebAdmin. Then I was able to configure the interfaces and make the routes persistent. Both of these solutions do not work anymore in v19. Do I really have to setup a client VM to access the XG locally in a cloud environment? I'm actually better off installing another firewall.

Are you using Sophos XG home on those vendors? Is this a real "home deployment" or business deployment? 

Why does this matter? Both home and business XGs are affected by this. Even if I want to activate subscriptions I have to access Webadmin, which will not work in this scenario.

Only Trials (30 Days) and Home are affect. But its correct, you will not be able to install the appliance in this state. 

Only Trials (30 Days) and Home are affect. But its correct, you will not be able to install the appliance in this state. 

No. Business XG's are also affected. You are aware that business XGs do also run on evals before subscriptions are being activated? E.g. when doing fresh install or first setup? For registration and licensing, webadmin access is necessary. So if I deployed a XG before any subscriptions are active, I will also not be able to access the Advanced Shell e.g. to change interface configuration in order to access WebAdmin in Cloud Deployments. Without Advanced Shell, there is no way around this "core issue". Tell me, how would you set up a v19 cloud XG in e.g. IONOS Cloud? Do you tell your partners and customers, they have to install a windows vm to access the XG webadmin locally from inside the datacentre? They will ditch the product right away.

That is correct. There is currently no workaround in case you cannot register the appliance in the first place. That is the reason, we are asking for such feedback, so Sophos can pick up those requirements. 

About the installation process. Does IONOS support templates? Because "officially supported public cloud vendors" like AWS, Azure have templates of SFOS pre installed in there marketplace. 

It's useless to argue any further. Let Sophos taste their own medicine. No advanced customers anymore with V19.

They clearly showed, how they care about us and the answer is, not a single second. The "what are the challenges" only appeared, after the community called out the removal of the advanced shell multiple times. They could've just started this exact thread like a year ago and presented us a V19 EAP with a sufficient CLI, so that there is no need for a shell, but they did not. Tells me, they don't care about their customers in any way.

Nothing against LuCar Toni. He is just here to help, but honestly the ship has already sailed.

Throwing something out like that and just wait if an outcry from your customers/partners happens is plain cheeky and as you said: if it would've mattered to improve the product, there would've been much better ways, but this wasn't their intention. Just after they realized that they messed up, they came around with this thread. On the other hand, this is the exact bad behaviour I would've expected from Sophos.

Thanks for your Feedback. 

Come on LuCar, we all know that Sophos doesn't care about feedback at all.