you need to create another subinterface on the router which ip address is in the same network with the switch and apply  ACL's if you dont want to apply inter vlan communication.or you can join the switch in same vlan with previous switch in same net...