FMG Refusing to create Policy - no clue why

FMG is on 6.0x

ADOM is on 5.6. Installation target has 5.6.

I created an Interface-zone containing ipsec tunnels 

I created an address object group containing all netowrk address objects I need.  All have set interface to any.

I create a policy:

src interface: uplink (aggregation of port1 and 2)

src address: addres group containig some client

dst infterface: the zone I created above

dst address: the address group a created above

no NAT

Once I supply this to FMG all I get is "firewall/policy/4/dstaddr : dstaddr("Standortnetze") binding interface must be (any) (policyid: 4)".  I don't know whay that happens since the address objects in "Standortnetz " are all bound to "any".

any advice anyone?