Configure Cisco 851w 871w as a Standalone Access Point

I recently serviced a customer who had a spare Cisco 851w router and asked if I could configure it as a standalone access point. It would be used for a branch office that already had an existing Cisco 2811 router and a Cisco 2960 switch in place. The client wanted to provide some basic, secure wireless access for the branch office users with equipment already on hand. DHCP for the wireless clients was served up from the Cisco 2811 router. Below is the 851w working code used for access point only functionality.

Current configuration : 3804 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AP851
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
!
aaa session-id common
!
dot11 ssid AP851G
   vlan 1
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 0  < wireless passphrase >
!
ip cef
no ip bootp server
no ip domain lookup
!
no spanning-tree vlan 1
username sysadmin privilege 15 secret 5 < password >
archive
 log config
  hidekeys
!
bridge irb
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3 <- Connect to your existing switch
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet4
 no ip address
 ip virtual-reassembly
 shutdown
 duplex auto
 speed auto
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid AP851G
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
 54.0
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 no ip address
 ip tcp adjust-mss 1452
 bridge-group 1
!
interface BVI1
 ip address 192.168.1.10 255.255.255.0
 ip virtual-reassembly
 ip tcp adjust-mss 1412
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.1 <- internal gateway core router ip
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map nonat interface FastEthernet4 overload
!
access-list 1 permit 192.168.0.0 0.0.255.255
snmp-server community public RO
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 privilege level 15
 transport input telnet ssh
!
scheduler max-task-time 5000
end

AP851#

Enter the following command in config mode "no spanning-tree portfast bpduguard" if you are connecting to a Cisco switch to prevent port blocking. Comments, questions welcomed.