I know how to configure the router as I already mentioned this to another router and did work there but that this one router to a bridge, I can not make

Interface Dot11Radio0
  no ip address
  no ip route-cache
  !
  encryption vlan 2 mode ciphers aes-ccm TKIP
  !
  ssid CISCO_Private
  !
  antenna gain 0
  mbssid
  speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
  station-role root
  rts retries 128
!
Interface Dot11Radio0.1
  dot1Q a native encapsulation
  no ip route-cache
  bridge-group 1
  bridge-group 1 subscriber-loop-control
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled

router to a bridge? What is the model of the bridge? Are you pasting config from the bridge?

I will send to this running-config of the AP by

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1.ap
!
enable secret 5 $1$6dGB$vFNp9FjZ44jQOmc3Fbrct0
!
aaa new-model
!
!
!
aaa session-id common
!
!
dot11 syslog
!
dot11 ssid CISCO_Private
   vlan 2
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 0 CiscoAdministrator28
!
!
crypto pki trustpoint TP-self-signed-4273617872
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4273617872
revocation-check none
rsakeypair TP-self-signed-4273617872
!
!
crypto pki certificate chain TP-self-signed-4273617872
certificate self-signed 01
  30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 34323733 36313738 3732301E 170D3130 31313234 32333133
  34375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32373336
  31373837 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100CC29 FB3A8D37 8B84AFFC 4A1A8B3D 826F3486 117CF85B B29165CF 02CD549F
  909C1AAE 206D31E5 ED32581A 2AE51B48 451F2363 EC38ECA3 97486D74 E5840146
  9EB49DF6 7F5494A4 B44151AB 2B88DD78 E071B7F0 FD78CCF0 4B430E0C 8C6F2E22
  6F177DFC 2C30388F CB8DD671 6C3260B1 010BD483 C394330C C3E29E5B C54B162F
  09BF0203 010001A3 70306E30 0F060355 1D130101 FF040530 030101FF 301B0603
  551D1104 14301282 1052322E 61702E74 656C656E 65742E62 65301F06 03551D23
  04183016 801492A7 0EB8015C 72BC1E9C A89B520A 964CAC15 91C8301D 0603551D
  0E041604 1492A70E B8015C72 BC1E9CA8 9B520A96 4CAC1591 C8300D06 092A8648
  86F70D01 01040500 03818100 5F84B324 9FEC8A86 F5E551D0 4028774F 26FCB508
  8C218CD9 458B497A C20F5D5A F8F98BB4 8EA25E5D D94CA243 35B5CA43 2C237E37
  D6971DE4 D9E242C2 300AC9B2 F9F9A84A 35A6400D 9D727AE6 8A341E97 7FD7A51E
  895030CF 433A36A9 639CD1BE 5BEB0EB1 C43B7688 7BDB9EC5 B767D4FA B783B9CA
  E8D4E99B CA788CE2 2CA46287
  quit
username cisco privilege 15 secret 5 $1$4Z4G$DXCx0JqOWF9ykjfa8sJjJ0
username Tim privilege 15 secret 5 $1$NrC7$WcEs6W97BwwdPoG.VLJWJ1
!
!
ip ssh version 2
ip scp server enable
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 2 mode ciphers aes-ccm tkip
!
ssid CISCO892W_R1_2.4GHZ_Private
!
antenna gain 0
mbssid
speed  basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
station-role root
rts retries 128
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
antenna gain 0
no dfs band block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
no ip route-cache
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
!
interface BVI1
ip address 10.10.10.2 255.255.255.0
no ip route-cache
!
interface BVI2
ip address 20.20.20.2 255.255.255.0
no ip route-cache
!
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
!
!
!
line con 0
privilege level 15
no activation-character
line vty 0 4
!
cns dhcp
end
!

I'm pretty sure that the vlan number under the dot11 ssid definition has to match the native vlan. Your native vlan is 1. Change vlan 2 to vlan 1 under SSID.

And also encryption settings must apply to the native VLAN, and in your case you set them to vlan 2.

yes but under the dot11 interface 0 is not

bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled

im not sure what you mean. you must have native vlan specified under dot11 ssid global command

Sent from Cisco Technical Support iPhone App

it would be so in this way but it does not

interface dot11 0
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled

The VLANs are in order in the normal running-config is an interface to vlan 2 ip address 20.20.20.1 255.255.255.0 made

ip dhcp pool R1.test
import all
network 20.20.20.0 255.255.255.0
default-router 20.20.20.1
lease infinite

WLAN interface unit ap0
description Service module interface to manage the embedded AP
Unnumbered Vlan1 ip
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switch port mode trunk
!
Interface Vlan2
ip address 20.20.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1460

in here, change vlan 2 to vlan 1:

dot11 ssid CISCO_Private

vlan 2

authentication open

authentication key-management wpa version 2

mbssid guest-mode

wpa-psk ascii 0 CiscoAdministrator28

and under dot11radio0 interface change encryption from vlan 2 to vlan 1

Sent from Cisco Technical Support iPhone App

yes that is happening now but work is not yet

repost full config from both sides

I post all of this running-config