diff --git a/salt/wireguard/init.sls b/salt/wireguard/init.sls
index 67c52f7..2168cb6 100644
--- a/salt/wireguard/init.sls
+++ b/salt/wireguard/init.sls
@@ -4,6 +4,15 @@ wireguard-tools:
 /etc/systemd/system/wireguard@.service:
 file.managed:
 - source: salt://wireguard/wireguard.service
+ - template: 'jinja'
+ - context:
+ gateway: {{ pillar['hosts-inet']['core']['upstream2']
+ endpoints:
+{%- for instance, conf in pillar['wireguard-instances'].items() %}
+ {%- for peer in conf['peers'] %}
+ - {{ peer['endpoint'] }}
+ {%- endfor %}
+{%- endfor %}
 {%- for instance, conf in pillar['wireguard-instances'].items() %}
 /etc/wireguard/{{ instance }}.conf:
diff --git a/salt/wireguard/wireguard.service b/salt/wireguard/wireguard.service
index 053ed08..e64be40 100644
--- a/salt/wireguard/wireguard.service
+++ b/salt/wireguard/wireguard.service
@@ -4,6 +4,9 @@ PartOf=wireguard.service
 [Service]
 Type=oneshot
+{%- for endpoint in endpoints %}
+ExecStart=-/bin/ip route add {{ endpoint }} via {{ gateway }}
+{%- endfor %}
 ExecStart=/usr/bin/wg-quick up /etc/wireguard/%i.conf
 ExecStop=/usr/bin/wg-quick down /etc/wireguard/%i.conf
 RemainAfterExit=true
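Review bot: The added `gateway:` line in init.sls opens a Jinja expression and never closes it: `{{ pillar['hosts-inet']['core']['upstream2']` has no `}}`, so as shown the state file should fail to render before any state is applied. It should read `gateway: {{ pillar['hosts-inet']['core']['upstream2'] }}`. The inner loop also indexes `peer['endpoint']` unconditionally; if any peer in the pillar has no endpoint (the pillar is not visible here), wrap the list item in `{%- if 'endpoint' in peer %}` so the context does not get an empty entry. The page has lost the original indentation, so the nesting of `gateway` and `endpoints` under `context` cannot be checked from here.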
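Review bot: The leading `-` on the new `ExecStart=-/bin/ip route add ...` lines in wireguard.service makes systemd ignore every failure, not only "route already exists", so the unit still reaches `wg-quick up` and reports success when the endpoint route was never installed. That matters if `endpoint` in the pillar is the `host:port` value used for the WireGuard `Endpoint` setting (the pillar is not visible here): `ip route add` expects an address or prefix, so the command would fail on every start and nothing would show it. Consider passing a bare address and using `ExecStart=/bin/ip route replace {{ endpoint }} via {{ gateway }}`, which is idempotent without hiding real errors. The routes are also added for every instance's endpoints on each `%i` start and are not removed by `ExecStop`; a comment stating that this is intended would help the next reader.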