two router guest network issues

I want to connect from modem to my router for my lan then use second router to provide guest wifi. However, if I use the 2nd router I also need to use a lan port on 2nd router for htpc. Is there a way to keep lan ports of 2nd router on same subnet as first router and still have the WiFi of 2nd router isolated?

Basic layout:
Modem-router 1 with most of lan and wifi-router 2 with guest wifi and rest of lan

Should I just hook up switch for rest of lan and hook router 2 to switch or is it possible to do what I want with just two routers?

edit:

LOL I apparently forgot that I had set my laptop not to obtain the IP address automatically at some point when I was messing about. The second router said it did not have internet access and I believed it. Upon changing laptop to obtain IP automatically I was able to get on the internet through lan port of the 2nd router which has the AP isolated. I will have to check and see if it actually is later. What is the best way to do this? Will the getmac command alone be sufficient?

Bah I can see all the other computers on my network through WIFI so apparently the set AP isolated command in ASUS routers is ineffective, but the getmac command did not show them.

 

Thanks for the info.
I have an ASUS RT-AC68U for the main router and an ASUS RT-AC66U for the secondary router. It does appear that the functions of the AC66U are not really active if the DHCP server is off. I wanted to use it as a router so I had access to the bandwidth management and so forth. If I make it an AP then I cannot do that anymore. Maybe the problem is that the first router is the DHCP server so anything connecting to the network has to get access through the AC66 to the AC68. I have an old netgear switch lying around that I can plug into the network between the two routers, but it seems wasteful to run a 16port switch just for the HTPC .

@Pcchen, yes I tried that earlier and it worked to isolate the network, but the HTPC obviously could not get the NAS on the primary network.
Right now I had this

Code:

                ____primary network (NAS and everything else)
               /
MODEM--> AC68U<              HTPC
               LAN of AC66U<
                              - GUEST network

Which was obviously insecure.




So if I do connect it like this

Code:

                ____primary network (NAS and everything else)
               /
MODEM--> AC68U<         HTPC
                SWITCH<
                        WAN of AC66U - GUEST network

Then it should make the GUEST network properly isolated and secure while retaining the ability of the HTPC to access the rest of network. Basically I was just wondering if that was the only easy way to do this. The AC68U should be able to limit the bandwidth of the 66U and thus the guest network, but the switch seems kind of lonely with only two connections .