EDIT: This worked for me perfectly....until I rebooted the device, and now it wont work. Even after restoring a backup taken while it was working. I will update again if I find a cause.
EDIT 2: Looks like the issue was my ISP router. After restoring backups and starting again from scratch nothing worked. Until I rebooted my ISP router, then it worked perfectly again.
I just spent a week trying to get this to work (delayed mostly due to me being an idiot and locking myself out repeatedly, plus Christmas slowed me down a little). Wanted to share how I got it working somewhere for other people to find, and it seems to be related to your situation too.
I finally got it to work by turning on DHCP Relay from my Wireless interface. This points to the main routers IP address, and passes DHCP requests directly to the main router. No NATing involved.
Full setup I have:
Hardware: hAP AC
Reset configuration with no default config
Bridged ALL ports that I might use (In my instance, I kept wlan1 disabled, as I don't want 2.4GHz, so all other ports, but you could set up a separate AP here)
Set up a new Security Profile to match the main routers details. I selected all authentication types and entered my main routers Wifi Password and saved.
wlan2 set up as a "station-pseudobridge" set to 5GHz-only-AC (I did this to ensure I get the maximum throughput between the two routers)
Set the view for wlan2 configuration to Advanced Mode and set the Security Profile to the profile you set above.
Select Apply and then Scan...
Click Start and select the main routers SSID, then click Connect.
Select IP > DHCP Relay
Add a new relay, putting in wireless interface (wlan2) and your main routers IP Address.
OPTIONAL: DHCP Client
You can set up to have the Bridge get an IP address from DHCP too, so you can connect to the unit without being directly connected. Just add a new DHCP Client, select the bridge name, and enable it. You will see it get an IP quite quickly.
Done. This was all I needed to do. No NAT, no special VLANs, etc. Each device plugged in is getting a unique IP within the same range as the rest of the network.
Note on setting it to AC Only :- When I had this as the broad 5GHz option, I found I was limited to 450Mbps, whereas when I switched to AC-only, I was topping out just over 1,000Mbps. I don't know if RouterBoardOS or the main router was selecting the lower options, but forcing it to AC worked perfectly.