Do you have SELinux in enforcing mode (as is the default) in your RHEL 6.4 environment?
The SELinux policy might be stopping a normally-started rsyslog daemon from using TCP, but running it in foreground and debug mode might be bypassing the restriction.
Check /var/log/audit/audit.log. If it indicates that rsyslog's TCP connections are being denied, it indicates that SELinux is causing your problem. In that case, you might have to add customized SELinux rules for custom rsyslog configurations like yours. The "audit2allow" command might be very helpful here: feed it the audit.log lines caused by the rsyslog TCP connection attempt, and it will produce the necessary SELinux rules to allow it.