Hi,
It is possible, for some needs I am using it too.
First, you do not need the discovery interface because you are not using hotspots anymore.
Second, you need to redirect the data from CAPsMAN to the router itself instead of the outside interfaces. The localhost then, 127.0.0.1.
This parameters must be set in CAPsMAN adresses.
You can keep the brigde at the end for every cap you seek to create.
At last, you must see your firewall filtrer rules, those data must be accepted by one in your router.
One is already setup by factory default if I am right and commented as named capsman local or something.
From my side I had to moved it to the second or third position to make it works.
If not, create a new one by chain forward, with the localhost adress source and action accept.
Your capsman setup should not need to be modified.
That's it and it should works properly, my last advice for your setup is to use certicates
Hope it help.