I agree Paolo to update IOS but I remember you that 97000 sessions for 600 users are 160 sessions per user. A browser can open 4 TCP connections simultaneously. I have bad experiences with 80K sessions in a NPE-G1 c7200 router. Please, after upgrade if the problem still exists consider tune nat timers. A higher number only can be explained by a TCP NAT timer of 24 hours. If it is not enough study you internal network because your users can be very aggressive generating TCP connections. As last alternative, consider change the PPPoE connection to your checkpoint.
I decided to choose IOS c2800nm-advipservicesk9-mz.124-25g.bin. I will consider tune the timer after a test time.
I will replug the router into network at tomorrow lunch time, then report the result one day after that.
Anyway, thanks you to all quick response.
Sorry, because of not updating the case for long time.
There were some other problems between me and the customer then they delayed the process of this case.
Today I start it again. I will use the OS: c2800nm-advsecurityk9-mz.151-4.M6.bin