FortiExtender in SD-Wan Rule not working

I have this constellation:

FGT100E with a FEX connected to it via capwap.

FGT has authorized the FEX and added a device ofor it.

All wans plus FEX are members of sd-wan. All wans except FEX are part of SD-WAN health check.

I kept FEX out because it should do dial on demand and I don't want it to connect every some minutes due the health check.

SDWAN has this setup:

rule #1: use WAN1 and WAN2 for all  to all  with maximize bandwith and two sla targets.

rule #2: use the other wan port for all to all with maximize bandwith and two sla targets.

rule #3: use the FEX for all to all with mode manual.

FEX is set to dial on demand and the LTE Connection does establish if i set it to connect permanently.

So in normal state traffic to the internet hits sdwan rule #1.

If I disconnect WAN1 and WAN2 it switches to rule #2 - good

If I disconnect all wans except the FEX - no more internet at all. FEX stays disconnected.

Additionally the SD-WAN Monitor on the 100E keeps telling me "link error" on the FEX interface.

But the FEX is there in Network->FortiExtender and it can be configured and monitored there correctly.

So something seems to prevent sd-wan from correctly detecting that the fex interface is up.

Does anyone have any hint what that could be?