mac-lockdown-timeout does not work on netlogin ports
When netlogin dot1x is enabled on port with mac-lockdown-timeout enabled the netlogin authenticated mac is not shown in the mac-lockdown-timeout fdb entries
EXOS > 15.7
The behavior of netlogin is changed in EXOS 15.7. Authenticated mac addresses are now programmed as static entries and only the netlogin process can age these. Because of this mac-lockdown-timeout is not working as it is only designed for dynamic fdb entries
Use mac-lockdown instead of mac-lockdown-timeout if that can work for you
Change the switch to be policy enabled, in policy mode the switch does not change the authenticated mac address to static.