How to configure port-security on Cisco Switch

Hello Donald

Port security has been enabled on Fa0/11, and two MAC addresses have been manually configured for that port security. Because you have a maximum of 3, two of these must match the configured MACs and the third (in your case the 0800.x.x address) can be anything. So at any time, on this port, only the two configured MACs plus one more can be seen. 0800.x.x will not appear in the configuration since it has not been manually configured.

With the configuration as you have it, the MAC of the VM will never appear in the configuration. In order for that to happen, you need this command:

switchport port-security mac-address sticky

The sticky keyword will cause the MAC of any connected device to be recorded and saved within the configuration. The two MAC addresses in the config were not put there by the “sticky” feature, but manually configured as I mentioned before. Otherwise, they would have had the following configuration:

switchport port-security mac-address sticky 3464.a918.d8d0 vlan access
switchport port-security mac-address sticky 9c57.ad3e.f384 vlan access

…which includes the “sticky” keyword.

So you have two choices. Either you manually configure the 0800.x.x MAC, or you add the switchport port-security mac-address sticky command which will automatically read and record the MAC of the VM.

Actually, strictly speaking it is a dynamic MAC address entry since it was not manually configured in the MAC address table. However, Cisco switches will record MAC addresses that appear on interfaces configured with port security as STATIC in the MAC address table, regardless of whether they were manually configured, configured using sticky, or not referenced at all in the interface config.

Finally, the statement “Total Addresses in System (excluding one mac per port)” shows the number of addresses that are being used in port security beyond the single MAC per port. So this number is the total number of MAC addresses in excess of the single MAC per port. In your case, you have three ports with port security enabled. You have a single MAC address being used for Fa0/18 and Fa0/19, so those don’t count, and you have 3 MAC addresses on Fa0/11, which, minus the one, gives you a total of 2.

I hope this has been helpful!

Laz
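
The following Python example is added here and is not part of the original post. It classifies the secure MACs in an interface block as manual or sticky, reports how many addresses can be learned without ever appearing in the configuration, and recomputes the "excluding one mac per port" total as the post describes it. The function names and both sample inputs are constructed for illustration; the interface name, maximum and MAC addresses are the ones mentioned in the post.

```python
import re

# Constructed sample: interface config matching the post (maximum 3, two manual MACs).
CONFIG = """\
interface FastEthernet0/11
 switchport port-security
 switchport port-security maximum 3
 switchport port-security mac-address 3464.a918.d8d0
 switchport port-security mac-address 9c57.ad3e.f384
"""

# Constructed sample rows in the column layout of `show port-security`.
SHOW = """\
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
     Fa0/11              3            3                  0         Shutdown
     Fa0/18              1            1                  0         Shutdown
     Fa0/19              1            1                  0         Shutdown
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"

def audit_interface(config):
    """Classify the secure MACs of one interface block as manual or sticky."""
    # The port-security maximum defaults to 1 when no "maximum" line is present.
    result = {"maximum": 1, "manual": [], "sticky": [], "sticky_learning": False}
    for line in config.splitlines():
        line = line.strip().lower()
        m = re.fullmatch(r"switchport port-security maximum (\d+)", line)
        if m:
            result["maximum"] = int(m.group(1))
        elif line == "switchport port-security mac-address sticky":
            result["sticky_learning"] = True
        else:
            m = re.match(rf"switchport port-security mac-address (sticky )?({MAC})", line)
            if m:
                result["sticky" if m.group(1) else "manual"].append(m.group(2))
    # Slots a device can occupy without its MAC being written to the config.
    free = max(result["maximum"] - len(result["manual"]) - len(result["sticky"]), 0)
    result["unrecorded_slots"] = 0 if result["sticky_learning"] else free
    return result

def excess_addresses(show_output):
    """Sum CurrentAddr beyond the first MAC on each secure port."""
    total = 0
    for line in show_output.splitlines():
        m = re.match(r"\s*(\S+/\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+\S+", line)
        if m:
            total += max(int(m.group(3)) - 1, 0)
    return total
```
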