diff --git a/src/py/flwr/common/constant.py b/src/py/flwr/common/constant.py
index 664eb5a30cd7..48c17aefad7d 100644
--- a/src/py/flwr/common/constant.py
+++ b/src/py/flwr/common/constant.py
@@ -116,7 +116,8 @@
 PUBLIC_KEY_HEADER = "public-key-bin"  # Must end with "-bin" for binary data
 SIGNATURE_HEADER = "signature-bin"  # Must end with "-bin" for binary data
 TIMESTAMP_HEADER = "timestamp"
-TIMESTAMP_TOLERANCE = 10  # Tolerance for timestamp verification
+TIMESTAMP_TOLERANCE = 10  # General tolerance for timestamp verification
+SYSTEM_TIME_TOLERANCE = 5  # Allowance for system time drift
 
 
 class MessageType:
diff --git a/src/py/flwr/server/superlink/fleet/grpc_rere/server_interceptor.py b/src/py/flwr/server/superlink/fleet/grpc_rere/server_interceptor.py
index 2e60a8e0220c..c7b5370f415b 100644
--- a/src/py/flwr/server/superlink/fleet/grpc_rere/server_interceptor.py
+++ b/src/py/flwr/server/superlink/fleet/grpc_rere/server_interceptor.py
@@ -25,6 +25,7 @@
 from flwr.common.constant import (
     PUBLIC_KEY_HEADER,
     SIGNATURE_HEADER,
+    SYSTEM_TIME_TOLERANCE,
     TIMESTAMP_HEADER,
     TIMESTAMP_TOLERANCE,
 )
@@ -38,6 +39,9 @@
 )
 from flwr.server.superlink.linkstate import LinkStateFactory
 
+MIN_TIMESTAMP_DIFF = -SYSTEM_TIME_TOLERANCE
+MAX_TIMESTAMP_DIFF = TIMESTAMP_TOLERANCE + SYSTEM_TIME_TOLERANCE
+
 
 def _unary_unary_rpc_terminator(message: str) -> grpc.RpcMethodHandler:
     def terminate(_request: GrpcMessage, context: grpc.ServicerContext) -> GrpcMessage:
@@ -100,7 +104,7 @@ def intercept_service(
         current = now()
         time_diff = current - datetime.datetime.fromisoformat(timestamp_iso)
         # Abort the RPC call if the timestamp is too old or in the future
-        if not 0 < time_diff.total_seconds() < TIMESTAMP_TOLERANCE:
+        if not MIN_TIMESTAMP_DIFF < time_diff.total_seconds() < MAX_TIMESTAMP_DIFF:
             return _unary_unary_rpc_terminator("Invalid timestamp")
 
         # Continue the RPC call