After working with TAC ClearPass engineer and controller engineer, he found my problem is NOT ClearPass, but in the controller.
For the redirection to work, the new subnet/Vlan interface MUST be configured with an IP address.
Confirm by ping at the controller with source of the new vlan:
WC03 #ping 8.8.8.8 source 100