diff --git a/roles/lxc/files/lxc-net.host_bridge b/roles/lxc/files/lxc-net.host_bridge
new file mode 100644
index 0000000000000000000000000000000000000000..3e6807bec4594c6c7aba33cde394b14a26febb01
--- /dev/null
+++ b/roles/lxc/files/lxc-net.host_bridge
@@ -0,0 +1 @@
+USE_LXC_BRIDGE="false"
diff --git a/roles/lxc/templates/lxc-net.j2 b/roles/lxc/files/lxc-net.masquerade_bridge
similarity index 100%
rename from roles/lxc/templates/lxc-net.j2
rename to roles/lxc/files/lxc-net.masquerade_bridge
diff --git a/roles/lxc/tasks/main.yml b/roles/lxc/tasks/main.yml
index 948cfa7dcc9c598aa6d09472ad41526c6a5514b8..406bc194d776b71b293baf56828e65e5fc8e8e54 100644
--- a/roles/lxc/tasks/main.yml
+++ b/roles/lxc/tasks/main.yml
@@ -1,8 +1,27 @@
 ---
 
-- name: Masquerade bridge configuration
+- name: LXC packages installation
+  ansible.builtin.apt:
+    force_apt_get: true
+    name:
+      - lxc
+      - lxcfs
+      - bridge-utils
+    state: present
+  register: apt_status
+  retries: 60
+  until: apt_status is success or ('Failed to lock apt for exclusive operation' not in apt_status.msg and '/var/lib/dpkg/lock' not in apt_status.msg)
+
+- name: Host bridge configuration
   when: lxc_network_type == 'host_bridge'
   block:
+    - name: Masquerade bridge configuration disabling
+      notify: restart lxc-net
+      ansible.builtin.copy:
+        src: lxc-net.host_bridge
+        dest: /etc/default/lxc-net
+        mode: "644"
+ 
     - name: Ask confirmation
       ansible.builtin.pause:
         prompt: |
@@ -12,7 +31,6 @@
           Documentation (section host device as bridge): https://wiki.debian.org/LXC/SimpleBridge
           Continue (yes/no)
           -------------------------------------------------------------------------------------------
-      when: lxc_network_type == 'host_bridge'
       register: confirm_continue
       no_log: true
 
@@ -21,33 +39,21 @@
         msg: 'Installation aborted'
       when: not ((confirm_continue.user_input | bool) or (confirm_continue.user_input | length == 0))
 
-- name: LXC packages installation
-  ansible.builtin.apt:
-    force_apt_get: true
-    name:
-      - lxc
-      - lxcfs
-      - bridge-utils
-    state: present
-  register: apt_status
-  retries: 60
-  until: apt_status is success or ('Failed to lock apt for exclusive operation' not in apt_status.msg and '/var/lib/dpkg/lock' not in apt_status.msg)
-
-- name: Default container configuration
-  notify: restart lxc
-  ansible.builtin.template:
-    src: lxc-default.j2
-    dest: /etc/lxc/default.conf
-    mode: "644"
-
 - name: Masquerade bridge configuration
   when: lxc_network_type == 'masquerade_bridge'
   block:
     - name: Container network configuration
       notify: restart lxc-net
-      ansible.builtin.template:
-        src: lxc-net.j2
+      ansible.builtin.copy:
+        src: lxc-net.masquerade_bridge
         dest: /etc/default/lxc-net
         mode: "644"
 
+- name: Default container configuration
+  notify: restart lxc
+  ansible.builtin.template:
+    src: lxc-default.j2
+    dest: /etc/lxc/default.conf
+    mode: "644"
+
 ...