Hi, Jin,
Haven't tried this solution myself but it should be possible by using iptables NETMAP target.
Lets say there's a topology with 2 OpenVPN clients - client1 and client2.
Both clients use 192.168.1.0/24 subnet but using iptables we can "fake" source/destination IP's of incoming/outgoing packets for each client e.g.:
Client1 - 192.168.11.0/24
Client2 - 192.168.12.0/24
On client1 in WebUI -> Network -> Firewall -> Custom rules insert following rules:
iptables -t nat -I PREROUTING -i tun_c_client1 -j NETMAP --to 192.168.1.0/24
iptables -t nat -I POSTROUTING -s 192.168.1.0/24 -o tun_c_client1 -j NETMAP --to 192.168.11.0/24
PREROUTING rule will change destination IP address for incoming packets in tun_c_client1 interface to 192.168.1.0/24.
POSTROUTING rule will change source IP address for outgoing packets in tun_c_client1 interface from 192.168.1.0/24 to 192.168.11.0/24
tun_c_client1 is your OpenVPN client interface name, tun_c_ gets automatically added before the name you've used when creating OpenVPN client interface via WebUI.
Do the same for client2:
iptables -t nat -I PREROUTING -i tun_c_client2 -j NETMAP --to 192.168.1.0/24
iptables -t nat -I POSTROUTING -s 192.168.1.0/24 -o tun_c_client1 -j NETMAP --to 192.168.12.0/24
Only thing that's left is to properly route networks. Client1 should become reachable via 192.168.11.0/24 address range, client2 via 192.168.12.0/24 and so on.
Let me know if you'll have any additional questions regarding configuration.