diff --git a/howto/quintex.md b/howto/quintex.md
index 51c618b5ca4180e5c594cb2ee35e8e7105a351cd..0721a12701bea1d2eed24fc29916d182c4d1e366 100644
--- a/howto/quintex.md
+++ b/howto/quintex.md
@@ -137,105 +137,38 @@ You need to rebuild iPXE with `DOWNLOAD_PROTO_HTTPS` and UEFI support:
 
 ```
 git clone git://git.ipxe.org/ipxe.git
-patch < PATH_TO_PATCH_HERE
 cd ipxe/src
-make -j4 bin-x86_64-efi/ipxe.efi
-dd if=/dev/zero of=./ipxe.img bs=512 count=2880
-losetup loop0 ./ipxe.img
-mkfs.msdos /dev/loop0
-sudo mount /dev/loop0 /mnt
-mkdir -p /mnt/EFI/BOOT
-cp bin-x86_64-efi/ipxe.efi /mnt/EFI/BOOT/BOOTX64.EFI
-sudo umount /mnt ; loseup -d loop0
+mkdir config/local/tpa/
+cat > config/local/tpa/general.h <<EOF
+#define	DOWNLOAD_PROTO_HTTPS	/* Secure Hypertext Transfer Protocol */
+#undef	NET_PROTO_STP		/* Spanning Tree protocol */
+#undef	NET_PROTO_LACP		/* Link Aggregation control protocol */
+#undef	NET_PROTO_EAPOL		/* EAP over LAN protocol */
+#undef	CRYPTO_80211_WEP	/* WEP encryption (deprecated and insecure!) */
+#undef	CRYPTO_80211_WPA	/* WPA Personal, authenticating with passphrase */
+#undef	CRYPTO_80211_WPA2	/* Add support for stronger WPA cryptography */
+#define NSLOOKUP_CMD		/* DNS resolving command */
+#define TIME_CMD		/* Time commands */
+#define REBOOT_CMD		/* Reboot command */
+#define POWEROFF_CMD		/* Power off command */
+#define PING_CMD		/* Ping command */
+#define IPSTAT_CMD		/* IP statistics commands */
+#define NTP_CMD		/* NTP commands */
+#define CERT_CMD		/* Certificate management commands */
+EOF
+make -j4 bin-x86_64-efi/ipxe.efi CONFIG=tpa &&
+dd if=/dev/zero of=./ipxe.img bs=512 count=2880 &&
+losetup loop0 ./ipxe.img &&
+mkfs.msdos /dev/loop0 &&
+sudo mount /dev/loop0 /mnt &&
+mkdir -p /mnt/EFI/BOOT &&
+cp bin-x86_64-efi/ipxe.efi /mnt/EFI/BOOT/BOOTX64.EFI &&
+sudo umount /mnt &&
+losetup -d /dev/loop0
 ```
 
-The `PATH_TO_PATCH_HERE` is:
-
-```
-diff --git a/src/config/general.h b/src/config/general.h
-index 2d15f500..3260ad6e 100644
---- a/src/config/general.h
-+++ b/src/config/general.h
-@@ -37,9 +37,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
- #define	NET_PROTO_IPV4		/* IPv4 protocol */
- //#define NET_PROTO_IPV6	/* IPv6 protocol */
- #undef	NET_PROTO_FCOE		/* Fibre Channel over Ethernet protocol */
--#define	NET_PROTO_STP		/* Spanning Tree protocol */
--#define	NET_PROTO_LACP		/* Link Aggregation control protocol */
--#define	NET_PROTO_EAPOL		/* EAP over LAN protocol */
-+#undef	NET_PROTO_STP		/* Spanning Tree protocol */
-+#undef	NET_PROTO_LACP		/* Link Aggregation control protocol */
-+#undef	NET_PROTO_EAPOL		/* EAP over LAN protocol */
- 
- /*
-  * PXE support
-@@ -55,7 +55,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
- 
- #define	DOWNLOAD_PROTO_TFTP	/* Trivial File Transfer Protocol */
- #define	DOWNLOAD_PROTO_HTTP	/* Hypertext Transfer Protocol */
--#undef	DOWNLOAD_PROTO_HTTPS	/* Secure Hypertext Transfer Protocol */
-+#define	DOWNLOAD_PROTO_HTTPS	/* Secure Hypertext Transfer Protocol */
- #undef	DOWNLOAD_PROTO_FTP	/* File Transfer Protocol */
- #undef	DOWNLOAD_PROTO_SLAM	/* Scalable Local Area Multicast */
- #undef	DOWNLOAD_PROTO_NFS	/* Network File System Protocol */
-@@ -77,7 +77,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
-  *
-  */
- #define HTTP_AUTH_BASIC		/* Basic authentication */
--#define HTTP_AUTH_DIGEST	/* Digest authentication */
-+//#define HTTP_AUTH_DIGEST	/* Digest authentication */
- //#define HTTP_AUTH_NTLM	/* NTLM authentication */
- //#define HTTP_ENC_PEERDIST	/* PeerDist content encoding */
- //#define HTTP_HACK_GCE		/* Google Compute Engine hacks */
-@@ -86,9 +86,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
-  * 802.11 cryptosystems and handshaking protocols
-  *
-  */
--#define	CRYPTO_80211_WEP	/* WEP encryption (deprecated and insecure!) */
--#define	CRYPTO_80211_WPA	/* WPA Personal, authenticating with passphrase */
--#define	CRYPTO_80211_WPA2	/* Add support for stronger WPA cryptography */
-+#undef	CRYPTO_80211_WEP	/* WEP encryption (deprecated and insecure!) */
-+#undef	CRYPTO_80211_WPA	/* WPA Personal, authenticating with passphrase */
-+#undef	CRYPTO_80211_WPA2	/* Add support for stronger WPA cryptography */
- 
- /*
-  * Name resolution modules
-@@ -139,24 +139,24 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
- #define LOGIN_CMD		/* Login command */
- #define SYNC_CMD		/* Sync command */
- #define SHELL_CMD		/* Shell command */
--//#define NSLOOKUP_CMD		/* DNS resolving command */
--//#define TIME_CMD		/* Time commands */
-+#define NSLOOKUP_CMD		/* DNS resolving command */
-+#define TIME_CMD		/* Time commands */
- //#define DIGEST_CMD		/* Image crypto digest commands */
- //#define LOTEST_CMD		/* Loopback testing commands */
- //#define VLAN_CMD		/* VLAN commands */
- //#define PXE_CMD		/* PXE commands */
--//#define REBOOT_CMD		/* Reboot command */
--//#define POWEROFF_CMD		/* Power off command */
-+#define REBOOT_CMD		/* Reboot command */
-+#define POWEROFF_CMD		/* Power off command */
- //#define IMAGE_TRUST_CMD	/* Image trust management commands */
- //#define PCI_CMD		/* PCI commands */
- //#define PARAM_CMD		/* Form parameter commands */
- //#define NEIGHBOUR_CMD		/* Neighbour management commands */
--//#define PING_CMD		/* Ping command */
-+#define PING_CMD		/* Ping command */
- //#define CONSOLE_CMD		/* Console command */
--//#define IPSTAT_CMD		/* IP statistics commands */
-+#define IPSTAT_CMD		/* IP statistics commands */
- //#define PROFSTAT_CMD		/* Profiling commands */
--//#define NTP_CMD		/* NTP commands */
--//#define CERT_CMD		/* Certificate management commands */
-+#define NTP_CMD		/* NTP commands */
-+#define CERT_CMD		/* Certificate management commands */
- //#define IMAGE_MEM_CMD		/* Read memory command */
- #define IMAGE_ARCHIVE_CMD	/* Archive image management commands */
-```
-
-An alternative to this is to use [named configurations](https://ipxe.org/appnote/named_config) instead of
-patching the global file.
+Here we use [named configurations](https://ipxe.org/appnote/named_config) instead of patching the
+`global.h` file. To be verified.
 
 ## iPXE booting
 
@@ -250,10 +183,11 @@ the iPXE environment is like this:
  * net1: public network
  * not detected: extra Intel gigabit network
 
-Make sure the BIOS clock is up to date and that iPXE can ping and
-resolve hosts on the Internet.
+First, connect to the VPN to access the OOB management (see above).
 
-Then upload the `ipxe.img` built in the previous section as a virtual
+Make sure the BIOS clock is up to date.
+
+Upload the `ipxe.img` built in the previous section as a virtual
 floppy image and reboot. 
 
 Press <kbd>F11</kbd> to bring up the boot menu and select the `UEFI:
@@ -287,6 +221,8 @@ You can check the open/closed status of the interfaces with:
 
     ifstat
 
+Make sure that iPXE can ping and resolve hosts on the Internet: TODO.
+
 Finally, boot the image:
 
 ```