I have switch with port security enabled on access interfaces. Everything works fine until I move the authorized PC from the port, where switch learned its MAC address to another port. The problem is, that the PC is not allowed; the switch does not age out PC's MAC on the 1st port. If I lower aging time, I can rather completly turn port-security off. The issue is not related to number of allowed addresses on 2nd port, we do not reach the limit. Is there a solution for this (except 802.1x)? If not, switchport port-security is unusable, there are legitimate requirements for end station moves in every network.