Nope the firewall is the simplest way.
OK. I tried the firewall and it seemed to block more than it should have (e.g. no Internet access).
The network is setup as such:
Router:
10.200.91.1 - VLAN1
10.200.92.1 - VLAN2
10.200.93.1 - VLAN3
Is there an easier way than making a rule on each VLAN specifically blocking access to the other VLANs?
For example a rule like (if dst-address!=10.200.93.1 then block). Problem with this rule is it blocks Internet access as well. I guess I could create an ip-list and then include that but I feel like I'm duplicating things over and over.