The roadwarrior carol sets up a connection to gateway moon. The authentication is based on Preshared Keys (PSK) and Fully Qualified Domain Names (ID_FQDN). leftfirewall=yes automatically inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test the tunnel carol pings the client alice behind the gateway moon.
The significant difference between this scenario and the test rw-psk-fqdn is the additional line rightid=@carol.strongswan.org by which gateway moon restricts the roadwarrior connection to host carol.