Hi Ninja
Sure that this wouldn't work? De-auth the client and when it re-connects intercept the client traffic and forward it to the rael ap - you would (maybe) be able to decrypt the traffic because you would be in the middle and have the needed keys - maybe
My idea here sounds much to simple but I haven't seen anyone trying this..