Setting up access from LAN to WAN in ASUS routers (upd. answer below)?

...here I recently discovered an unpleasant thing at work
. The bottom line is this:
there are 3 ASUS routers at work, there is a separate gateway that gives addresses (not DHCP) and Internet access to wired users, so the Internet also comes from this gateway to these routers, but the trick is that after setting up the router, I freely ping and work with the WAN network.
example:
192.168.1.1-254 is the router's LAN network
192.168.10.1-254 is the organization's network, from where the WAN comes to the router, it
turns out that I can freely ping anything and knock from the LAN network to the WAN network, attach network drives, rummage through resources. those. having an IP address of 192.168.1.15 I can ping 192.168.10.1-254 and cling to these resources
So the question is - how can I restrict access from LAN to WAN, so that no pings come, nor the general network is available. this is real? because no one needs such a hole in the network, I don’t need extra packets from wi-fi clients, especially any network worm.
UPDATE
generally contacted support, they said that routers serve for this, that if they try to block access to the internal WAN network, then you will lose the Internet, so the only solution is to create another network closed from the public network.