Strange, this setup should already separate devices. Have you tried rebooting the device after completing the setup?
You should check whether forwarding between these two zones is enabled. Go to Network → Firewall → General Settings, scroll down to the 'Zone Forwarding' section, click 'Edit' next to lan then lan2; check to see if forwarding is disabled between them. If not, disable it manually from there.
You can also add custom firewall rules to block the traffic between these two networks. In the Network → Firewall → Custom Rules page, paste this rule:
iptables -I FORWARD -s 192.168.1.0/24 -d 10.10.10.0/24 -j REJECT
You can achieve the same in Firewall → Custom Rules, but I find this method to be cleaner and easier to communicate.
DM