Does a wireless access point, or a switch, require an IP address?

[JonJ678]

I have a suspicion that this is a stupid question. Hopefully that means a short, simple answer. The objective is to a combine a bridge/transparent firewall with an unmanaged switch / access point.

So, one machine running a dhcp server. This one definitely needs an IP.
A cable goes to a second machine, a firewall, which doesn't need an IP.
If another cable joins this firewall to an access point, to which various laptops connect, does the AP itself need an IP?

The appeal to a bridge firewall is that since it doesn't have an IP, it's rather difficult to attack it directly. I'd like to set up a small box with a wired nic, and a separate wireless nic, as an access point with basic firewalling rules built in. This is also possible. However I'd also like it to lack an IP, in order to make it difficult to compromise the AP itself in the same fashion as the transparent firewall.

Is this idea sound, if unusual?
Cheers

 

[JonJ678]

Interesting. So there isn't really a consensus on this. I think the confusion is over terminology as much as anything else, e.g. a router cannot be put into AP mode unless you're misusing the term router.

As far as I know, an access point effectively is a switch. Everyone seems to agree that a switch doesn't need an IP unless you want to manage it. So if one doesn't want to manage the AP, it probably doesn't need one either.

In the interests of clarity, the hardware I have in mind has a serial port available for management. Since managing it over ssh would be a convenience rather than a necessity, I'd rather have the (possibly imaginary) improvement in security. Clearly I'll still have to worry about securing the dhcp router independent from this.

Please do correct me if I'm wrong. Cheers