Internet Failover at remote office, what equipment is needed inside and outside the firewalls?

I have a Multi-Office network setup through our ISP. The network allows us to put what ever VLANs/Traffic on the connection we want.   The way it us Currently setup is we have SG500X units at each location. We Trunk the HQ Subnet ( to each of the sites as well as a Subnet that is for Customers to use (


Each Site's SG500X then is setup for layer 3 Routing and Each office has its own Internal Subnet.

Office 2

Office 3



Each router is using RIP to broadcasts its subnets too the other, so when the Local 10.X.0.1 is used at each office it knows which 10.1.0.X SG500X to access to get to the other remote subnet. 

Office 1 and 3 have an Internet Connections. Only Office 1 is used at the moment and I need to get Office 3 Online and Routing for Failover. 


My Question is can I use the SG500X for this?  when I add a second default gateway the only one that shows up is the one with the lowest metric. The other does seem to be there in the CLI Config, though if I remove the Primary Gateway IP from service, I cant get the other sites to use the other Gateway IP that I put in there.  


Can I use the SG500X for this? Do I need to go to a Catalyst style? Should I have the WAN Network setup Differently?








