diff --git a/CHANGELOG.md b/CHANGELOG.md
index 82b4e7fa..af3c13c8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,7 @@ The **patch** part is incremented if multiple releases happen the same month
 * evolinux-base: Add new variable to disable global customisation of bash config
 * roundcube: Use /var/log/roundcube directly
 * evolinux-users: Add sudo mvcli for nagios user
+* vrrpd : configure and restart minifirewall before starting VRRP
 
 ### Fixed
 
diff --git a/vrrpd/tasks/ip.yml b/vrrpd/tasks/ip.yml
index 81c9f08f..4f951928 100644
--- a/vrrpd/tasks/ip.yml
+++ b/vrrpd/tasks/ip.yml
@@ -1,25 +1,6 @@
 ---
 
-- name: set unit name
-  ansible.builtin.set_fact:
-    vrrp_systemd_unit_name: "vrrp-{{ vrrp_address.id }}.service"
-
-- name: add systemd unit
-  ansible.builtin.template:
-    src: vrrp.service.j2
-    dest: "/etc/systemd/system/{{ vrrp_systemd_unit_name }}"
-    force: true
-  register: vrrp_systemd_unit
-
-- name: enable and start systemd unit
-  ansible.builtin.systemd:
-    name: "{{ vrrp_systemd_unit_name }}"
-    daemon_reload: yes
-    enabled: yes
-    state: "{{ vrrp_address.state }}"
-  when:
-    - vrrp_systemd_unit is changed
-    - not ansible_check_mode
+# Configure and restart minifirewall before starting the VRRP service
 
 - name: Check if a recent minifirewall is present
   ansible.builtin.stat:
@@ -55,3 +36,31 @@
     loop_var: peer
   notify: "{{ minifirewall_restart_handler_name }}"
   when: _minifirewall_dir.stat.exists
+
+- name: Flush handlers to restart minifirewall
+  ansible.builtin.meta: flush_handlers
+  when: _minifirewall_dir.stat.exists
+
+
+# Configure VRRP service
+
+- name: set unit name
+  ansible.builtin.set_fact:
+    vrrp_systemd_unit_name: "vrrp-{{ vrrp_address.id }}.service"
+
+- name: add systemd unit
+  ansible.builtin.template:
+    src: vrrp.service.j2
+    dest: "/etc/systemd/system/{{ vrrp_systemd_unit_name }}"
+    force: true
+  register: vrrp_systemd_unit
+
+- name: enable and start systemd unit
+  ansible.builtin.systemd:
+    name: "{{ vrrp_systemd_unit_name }}"
+    daemon_reload: yes
+    enabled: yes
+    state: "{{ vrrp_address.state }}"
+  when:
+    - vrrp_systemd_unit is changed
+    - not ansible_check_mode