I am trying to create the following setup. I have a pfSense firewall with two NICs (Internet - WAN/LAN - Switch). I am setting up VLANs on the switch so I end up with 3 subnets: a subnet for servers and administrator PCs, 192.168.100.0/24; a subnet for wireless devices, 172.16.0.0/20; and a subnet for local computers that are always connected via an Ethernet port, 172.16.16.0/21.

I have set up a domain controller with AD to manage my users on 192.168.100.100. I have set up my pfSense so it provides DHCP for each of the VLANs. I have added the subnets to the DNS on the Windows server, so any client that connects to either of the 172.16.x.x interfaces gets a correct IP configuration and is able to access the mail service, which is also running on the Windows server. So far so good.

The problem is that I want to secure the Wi-Fi connections with WPA2-Enterprise. I have already configured a RADIUS server on the Windows server computer. I have tested it and it works; I used a wireless router with a static LAN IP address outside the DHCP scope so it works as a switch. The clients connect and the security prompt pops up, letting only users in my AD access the network. But when I change the wireless router to the subnet it is supposed to be on (172.16.0.0/20), it can't communicate with the Windows server running at 192.168.100.100, since it is on a different subnet.

So how can I accomplish this without having to move the Windows server computer out of the 192.168.100.x network? I want to have a single RADIUS server. Is there something wrong with my approach? Any tips or suggestions are welcome.
Is your firewall an appliance or hardware? – Sum1sAdmin Apr 27 '16 at 22:45
Hi, sorry for the late response. I actually solved the problem already. I just added a static route on the wireless AP to my RADIUS server. I hadn't noticed that capability before, my bad. Anyway, thanks for your interest. – hrivera Apr 30 '16 at 13:25
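
Added example, not part of the original thread: a longest-prefix-match route lookup showing why an AP holding only its connected 172.16.0.0/20 route has no path to the RADIUS server at 192.168.100.100, and how one static host route changes that. The subnets and server address come from the question; the gateway 172.16.0.1 (pfSense's VLAN interface) and the sample client addresses are assumptions.

```python
import ipaddress

def lookup(routes, dst):
    """Longest-prefix match over (network, gateway) pairs.

    gateway=None means a directly connected (on-link) network.
    Returns 'unreachable', 'on-link' or 'via <gateway>'.
    """
    dst = ipaddress.ip_address(dst)
    best = None
    for net, gw in routes:
        net = ipaddress.ip_network(net)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw)
    if best is None:
        return "unreachable"
    return "on-link" if best[1] is None else f"via {best[1]}"

RADIUS = "192.168.100.100"   # domain controller / RADIUS server (from the question)
GATEWAY = "172.16.0.1"       # assumed pfSense address on the wireless VLAN

# AP moved into the wireless subnet, with no default gateway configured:
AP_BEFORE = [("172.16.0.0/20", None)]
# Same AP after adding a static host route to the RADIUS server:
AP_AFTER = AP_BEFORE + [(f"{RADIUS}/32", GATEWAY)]

def report():
    return {
        "radius_before": lookup(AP_BEFORE, RADIUS),
        "radius_after": lookup(AP_AFTER, RADIUS),
        # constructed sample addresses:
        "wifi_client": lookup(AP_AFTER, "172.16.5.20"),
        "wired_client": lookup(AP_AFTER, "172.16.16.5"),
    }

if __name__ == "__main__":
    for name, result in report().items():
        print(f"{name:14} {result}")
```

The host route covers only the RADIUS server, so the wired 172.16.16.0/21 subnet stays unreachable from the AP itself; pfSense also has to permit the AP's RADIUS traffic between the two VLANs for authentication to succeed.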