When configured with multiple subnets, some users prefer to block those subnets from communicating with one another. There are two ways to block these subnet communications:
1. Enable the "NAT Traffic coming from this interface (and bridged peers)" on the internal interfaces. This will cause all traffic from these interfaces to be NAT'd to auto which is the primary address of whichever interface the traffic exits. Traffic between this interface and any bridged peers will not be NAT'd.
2. You can also create filter rules for both or multiple subnets. You will have to create one rule per every subnet, from Source Address to Destination Address.