Hmm.. are your usergroup supposed to log in to the admininterface? Then you need a login policy for the admin-siteaccess. The normal anonymous user only has access to login to the user siteaccess.
(Sidenote: You should almost never remove any of the anonymous policies, because those are usually needed for the system to work properly)