Problem
I have two separate LAN segments that have the same network address (192.168.1.0/24).  One LAN has a pfSense OpenVPN server to connect remote clients to a local FTP server (for this example).

Network A
  - pfSense OpenVPN Server
          LAN:                      192.168.1.1
          OpenVPN:              192.168.2.1

- FTP Server
          LAN:                      192.168.1.100

Network B
  - Third-party Gateway
          LAN:                      192.168.1.1

- Host 1 (OpenVPN client)
          LAN:                      192.168.1.20
          OpenVPN:              192.168.2.2

In my scenario, Host 1 (on Network B) needs to access the FTP server on Network A.  Ideally, traffic should be routed from the Network B gateway to the pfSense OpenVPN server, then to the Network A LAN.

Since both networks share the same network address, a connection attempt from Network B to 192.168.1.100 fails because that address is considered part of the local LAN and does not get routed through the tunnel.

Solution
To get around this problem, I created a "virtual" IP address for the FTP server using port forwarding.

Under Firewall->NAT->Port Forward, create a new rule.
  - Set the interface to OpenVPN.
  - Set the protocol, as necessary.
  - Set the destination to your "virtual" IP address.  I used 192.168.2.100.
  - Set the destination port range (21 in this example).
  - Set the redirect target IP to the real IP address of the FTP server (192.168.1.100).
  - Set the redirect target port range (21 in this example).
  - Set the filter rule association to Pass.

Now the FTP server on Network A essentially looks like this:
  - FTP Server
          LAN:                      192.168.1.100
          OpenVPN:              192.168.2.100

Clients on Network B can access the FTP server over the tunnel by referring to it using its "virtual" IP address.

Aaron