There are two firewall engines on the MX, one for site to site traffic and one for the rest.
If you are trying to block traffic between two Meraki MXes you need to configure this under the outbound firewall rules found at the bottom of the site to site VPN page.
It sounds like you are configuring this under the Firewall page which is why it is failing