If your private addresses are in the 10.100.xx.xx range, you will have to use NAT as this is a private address space that is not routable on the internet.
I would also be very concerned about just placing these devices directly on the internet. You should place a firewall of some type in front of the devices and ensure that the devices are hardened and kept up to date on patches and fixes.
I have a router doing NAT in front of all of this. I just don’t want to do NAT into NAT into NAT again if you know what I mean.
Everyone will be behind a single Linux box running NAT, but I want to have the other routers subnetted in the internal network so that I can masquerade a Public IP into them if need be…
I get what you are saying now. The bridging should work even for DHCP and RADIUS. I would contact the supplier of the wireless gear and troubleshoot this issue with them. Bridging would be the best option unless you need to segment these networks for some reason. If that is necessary, then maybe create VLANs and keep the same root subnet of 10.100.x.x. Make the subnet mask 255.255.128.0. This will make the first building 10.100.0.1-10.100.127.254 and the second building 10.100.128.1-10.100.255.254. The wireless devices would be the default gateway on each VLAN and they would have a default gateway of the edge router. The edge router would decide which wireless router the traffic needs to be sent to in this case.
IP addr: 10.100.0.253
GW: 10.100.0.254 (this is the LAN interface on the edge router)
IP addr: 10.100.128.254
GW: 10.100.0.253 (this is the WAN interface on the wireless device)
Clients would then use 10.100.128.254 as their default gateway
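As an added example (not part of the original thread), the Python sketch below derives the two building subnets from the 255.255.128.0 mask suggested above and checks whether each quoted interface address shares a subnet with its gateway. The interface labels `wireless-wan` and `wireless-lan` are assumed names, since the posts do not label the address pairs.

```python
import ipaddress

ROOT = ipaddress.ip_network("10.100.0.0/16")   # root subnet from the thread
MASK = "255.255.128.0"                          # mask proposed in the thread


def building_subnets(root=ROOT, mask=MASK):
    """Split the root network into the subnets the proposed mask produces."""
    prefix = ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen
    return list(root.subnets(new_prefix=prefix))


def host_range(net):
    """First and last usable host address of a subnet, as strings."""
    return str(net.network_address + 1), str(net.broadcast_address - 1)


def subnet_of(addr, subnets):
    """Return the subnet that contains addr, or None if it is outside the plan."""
    ip = ipaddress.ip_address(addr)
    return next((n for n in subnets if ip in n), None)


def check_interface(name, addr, gateway, subnets):
    """Report whether an interface and its gateway sit on the same subnet.

    A gateway outside the interface's subnet cannot be resolved by ARP on
    that segment, so the next hop has to be another interface of the same
    device (routed internally) rather than a neighbour on the wire.
    """
    own, gw = subnet_of(addr, subnets), subnet_of(gateway, subnets)
    on_link = own is not None and own == gw
    return {"interface": name, "subnet": str(own), "gateway_on_link": on_link}


if __name__ == "__main__":
    nets = building_subnets()
    for n in nets:
        print(n, *host_range(n))
    # Addresses quoted in the thread; interface names are hypothetical labels.
    print(check_interface("wireless-wan", "10.100.0.253", "10.100.0.254", nets))
    print(check_interface("wireless-lan", "10.100.128.254", "10.100.0.253", nets))
```
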